CVE-2025-59354
Published 2025-09-17
Priority P429 · medium · CVSS 3.1 base score 5.3
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
EPSS: 0.15% (4.7th percentile)
Dragonfly is an open source P2P-based file distribution and image acceleration system. Prior to 2.1.0, the DragonFly2 uses a variety of hash functions, including the MD5 hash, for downloaded files. This allows attackers to replace files with malicious ones that have a colliding hash. This vulnerability is fixed in 2.1.0.
Affected (4 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| d7y.io | dragonfly_v2 | >= 0 < 2.1.0 | 2.1.0 |
| dragonflyoss | dragonfly | < 2.1.0 | 2.1.0 |
| github.com | dragonflyoss_dragonfly | >= 0 < 2.1.0 | 2.1.0 |
| linuxfoundation | dragonfly | < 2.1.0 | 2.1.0 |
CVSS provenance
NVD, CVSS v3.1: 5.3 MEDIUM, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
NVD, CVSS v4.0: 5.5 MEDIUM, CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
OSV (2025-09-24)
CVE-2025-59354 DragonFly has weak integrity checks for downloaded files in d7y.io/dragonfly
OSV (2025-09-17)
CVE-2025-59354 [MEDIUM] DragonFly has weak integrity checks for downloaded files
### Impact
The DragonFly2 uses a variety of hash functions, including the MD5 hash. This algorithm does not provide collision resistance; it is secure only against preimage attacks. While these security guarantees may be enough for the DragonFly2 system, it is not completely clear whether there are any scenarios in which the lack of collision resistance would compromise the system. There are no clear benefits to keeping the MD5 hash function in the system.
```golang
// Collect the per-piece MD5 digests reported for the task.
var pieceDigests []string
for i := int32(0); i < t.TotalPieces; i++ {
	pieceDigests = append(pieceDigests, t.Pieces[i].Md5)
}
// The task-level sign is a SHA-256 over those MD5 strings, so its collision
// resistance is bounded by MD5's.
digest := digest.SHA256FromStrings(pieceDigests...)
if digest != t.PieceMd5Sign {
	t.Errorf("invalid digest, desired: %s, actual: %s", t.PieceMd5Sign, digest)
}
```
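As an added illustration, not code from the Dragonfly project, the Go program below reproduces the composition the snippet shows and the direction of the fix: the task sign is a SHA-256 over per-piece digest strings, so it inherits the collision resistance of whatever hashed the pieces, and a verifier should refuse non-SHA-256 piece digests and compare the sign in constant time. The Piece type, its "<algo>:<hex>" Digest format, the sign framing and every function name here are assumptions, not the project's API.

```go
package main

import (
	"crypto/md5"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/hex"
	"errors"
	"fmt"
	"strings"
)

// Piece stands in for the advisory's per-piece record; Digest is an assumed
// "<algo>:<hex>" string (the snippet's own field is plainly named Md5).
type Piece struct{ Digest string }

// pieceSign mirrors the composition in the advisory: SHA-256 over the per-piece
// digest strings. Lists with identical digest strings always produce the same
// sign, so this layer adds no collision resistance beyond the inner hash.
func pieceSign(pieces []Piece) string {
	h := sha256.New()
	for _, p := range pieces {
		h.Write([]byte(p.Digest)) // assumed framing; the project's own may differ
	}
	return hex.EncodeToString(h.Sum(nil))
}

// md5Piece is the pre-2.1.0 style per-piece digest; sha256Piece is the fixed one.
func md5Piece(data []byte) Piece    { s := md5.Sum(data); return Piece{"md5:" + hex.EncodeToString(s[:])} }
func sha256Piece(data []byte) Piece { s := sha256.Sum256(data); return Piece{"sha256:" + hex.EncodeToString(s[:])} }

// verifyTask rejects any digest that is not well-formed SHA-256, then compares the recomputed sign in constant time.
func verifyTask(pieces []Piece, expectedSign string) error {
	for i, p := range pieces {
		parts := strings.SplitN(p.Digest, ":", 2)
		if parts[0] != "sha256" || len(parts) != 2 || len(parts[1]) != sha256.Size*2 {
			return fmt.Errorf("piece %d: unsupported or malformed digest %q", i, p.Digest)
		}
	}
	got := pieceSign(pieces)
	if subtle.ConstantTimeCompare([]byte(got), []byte(expectedSign)) != 1 {
		return errors.New("invalid digest")
	}
	return nil
}

func main() {
	weak := []Piece{md5Piece([]byte("constructed piece 0")), md5Piece([]byte("constructed piece 1"))}
	fmt.Println(verifyTask(weak, pieceSign(weak))) // rejected: md5 per-piece digests
}
```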
GHSA (2025-09-17)
CVE-2025-59354 [MEDIUM] CWE-328 DragonFly has weak integrity checks for downloaded files
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.