From 269131e024fa90f157f7e32ee7f278313de7e5e2 Mon Sep 17 00:00:00 2001
From: Eliah Kagan <degeneracypressure@gmail.com>
Date: Tue, 8 Apr 2025 02:52:38 -0400
Subject: [PATCH] Add references to RUSTSEC-2025-0021

Since it was added in #2268, RUSTSEC-2025-0021 (CVE-2025-31130) has
an entry in the GitHub Advisory Database. As planned in #2268, this
adds the link to that global GHSA, as well as to the National
Vulnerability Database entry for the CVE.
---
 crates/gix-features/RUSTSEC-2025-0021.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/crates/gix-features/RUSTSEC-2025-0021.md b/crates/gix-features/RUSTSEC-2025-0021.md
index be7a0c879..4716e6853 100644
--- a/crates/gix-features/RUSTSEC-2025-0021.md
+++ b/crates/gix-features/RUSTSEC-2025-0021.md
@@ -4,6 +4,10 @@ id = "RUSTSEC-2025-0021"
 package = "gix-features"
 date = "2025-04-03"
 url = "https://github.com/GitoxideLabs/gitoxide/security/advisories/GHSA-2frx-2596-x5r6"
+references = [
+    "https://github.com/advisories/GHSA-2frx-2596-x5r6",
+    "https://nvd.nist.gov/vuln/detail/CVE-2025-31130",
+]
 categories = ["crypto-failure"]
 cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N"
 keywords = ["hash-collision", "sha-1", "weak-hash"]