GHSA-7rmh-48mx-2vwc: gitsign verify accepts signatures over go-git-normalized bytes, enabling trust confusion on malformed commits
Severity: medium
Tags: security
Summary
gitsign verify has a signature verification flaw: it re-encodes commit objects through go-git before checking the signature instead of verifying the raw git object bytes. When a malformed commit carries duplicate tree headers, git-core and go-git parse it differently (git-core uses the first tree header, go-git uses the second), so an attacker can craft a signature that passes gitsign verify while the commit git-core shows to users points at a completely different tree, breaking the trust model. The practical check is to verify the signature over the exact bytes git stores and hashes, which is what the fix in 0.16.0 does.
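The parser differential and the verification flaw, modelled in a self-contained Go program. This is an added example, not gitsign or go-git code: treeFirstWins and treeLastWins are toy parsers that reproduce the behaviour the advisory attributes to git-core and go-git, reencode models the normalisation step, sign is a SHA-256 digest standing in for a real signature (gitsign uses an ECDSA signature, but the point here is which bytes get bound), and the commit bodies and object IDs are constructed placeholders. normalizedVerify is the flawed check, rawVerify the fixed one; both agree on a well-formed commit and disagree on the malformed one.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"strings"
)

// Constructed placeholders (not real objects): two tree IDs and two commit bodies.
const treeA = "1111111111111111111111111111111111111111"
const treeB = "2222222222222222222222222222222222222222"

// Malformed: two "tree" headers in one commit object.
const malformedCommit = "tree " + treeA + "\n" +
	"tree " + treeB + "\n" +
	"author Alice <alice@example.com> 1700000000 +0000\n" +
	"committer Alice <alice@example.com> 1700000000 +0000\n" +
	"\n" +
	"Looks harmless\n"

// Well-formed: a single "tree" header, used to show the fix does not reject good commits.
const wellFormedCommit = "tree " + treeA + "\n" +
	"author Alice <alice@example.com> 1700000000 +0000\n" +
	"committer Alice <alice@example.com> 1700000000 +0000\n" +
	"\n" +
	"Looks harmless\n"

// parseCommit splits a commit body into ordered (key, value) headers and the message.
// Headers end at the first blank line; continuation lines (leading space) fold into
// the previous value, as in git's header format.
func parseCommit(body string) (headers [][2]string, message string) {
	headerPart, message, _ := strings.Cut(body, "\n\n")
	for _, line := range strings.Split(headerPart, "\n") {
		if strings.HasPrefix(line, " ") && len(headers) > 0 {
			headers[len(headers)-1][1] += "\n" + line[1:]
			continue
		}
		key, val, _ := strings.Cut(line, " ")
		headers = append(headers, [2]string{key, val})
	}
	return headers, message
}

// treeFirstWins models the parse the advisory attributes to git-core: the first
// "tree" header is the one shown to the user.
func treeFirstWins(body string) string {
	headers, _ := parseCommit(body)
	for _, h := range headers {
		if h[0] == "tree" {
			return h[1]
		}
	}
	return ""
}

// treeLastWins models the parse the advisory attributes to go-git: each "tree"
// header overwrites the previous one, so the second header is the one kept.
func treeLastWins(body string) string {
	headers, _ := parseCommit(body)
	tree := ""
	for _, h := range headers {
		if h[0] == "tree" {
			tree = h[1]
		}
	}
	return tree
}

// reencode models the normalisation step: decode into a structure with a single
// tree field (last-wins) and serialise again. The duplicate header disappears, so
// for a malformed commit the output no longer equals the raw object bytes.
func reencode(body string) string {
	headers, message := parseCommit(body)
	var b strings.Builder
	if tree := treeLastWins(body); tree != "" {
		b.WriteString("tree " + tree + "\n")
	}
	for _, h := range headers {
		if h[0] == "tree" {
			continue
		}
		b.WriteString(h[0] + " " + strings.ReplaceAll(h[1], "\n", "\n ") + "\n")
	}
	b.WriteString("\n" + message)
	return b.String()
}

// sign stands in for a real signature: a digest bound to exactly the bytes it covers.
func sign(b string) string {
	sum := sha256.Sum256([]byte(b))
	return hex.EncodeToString(sum[:])
}

// normalizedVerify is the flawed check: the stored object is re-encoded before the
// comparison, so a signature over the normalised bytes passes even though the raw
// object (the one git-core hashes and displays) was never signed.
func normalizedVerify(rawBody, sig string) bool {
	return sign(reencode(rawBody)) == sig
}

// rawVerify is the fixed check: the signature must cover the exact raw bytes.
func rawVerify(rawBody, sig string) bool {
	return sign(rawBody) == sig
}

func main() {
	sig := sign(reencode(malformedCommit)) // signature over what the normalising parser sees
	fmt.Println("git-core shows tree:    ", treeFirstWins(malformedCommit))
	fmt.Println("signature covers tree:  ", treeLastWins(malformedCommit))
	fmt.Println("normalized verify:      ", normalizedVerify(malformedCommit, sig))
	fmt.Println("raw-bytes verify:       ", rawVerify(malformedCommit, sig))
}
```

Running it shows git-core reporting treeA while the accepted signature covers treeB; rawVerify rejects the malformed object because its bytes were never signed, and both checks still accept the well-formed commit, whose re-encoding is byte-identical to the original.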
Vulnerability Details
EPSS (30-day exploit probability): 0.0%
Patch Available
Yes
Disclosure Date
May 8, 2026
Classification
Attack Sophistication: Moderate
Affected Packages
github.com/sigstore/gitsign@< 0.16.0 (fixed: 0.16.0)
Original source: https://github.com/advisories/GHSA-7rmh-48mx-2vwc
First tracked: May 8, 2026 at 08:00 PM
Classified by LLM (prompt v3) · confidence: 95%