Sigstore-Ruby is a pure Ruby library that emulates the sigstore verify command, a tool used to attest digital signatures on software artifacts. The vulnerability stems from the Verifier#verify method, which fails to propagate a VerificationFailure returned by the underlying verify_in_toto routine when the artifact digest does not match the digest listed in the in‑toto attestation subject. As a result, any DSSE bundle containing an in‑toto statement that references a different artifact is still reported as VerificationSuccess. This failure path allows an attacker to supply a malicious artifact and have the verifier believe it is legitimate, effectively bypassing integrity checks and enabling the deployment of tampered software.

The affected product is Sigstore::Ruby, part of the sigstore/sigstore-ruby project. Vulnerability exists in all releases prior to version 0.2.3. Users relying on older versions of the ruby library to validate DSSE bundles are susceptible.

The CVSS score of 7.5 indicates a high severity, and the EPSS score of less than 1% suggests low but nonzero exploitation probability. The vulnerability is not currently listed in the CISA KEV catalog, but its impact on software supply chain integrity is significant. Attackers can exploit the flaw by crafting a DSSE bundle with a mismatched subject digest and feeding it to any service or application that relies on Sigstore::Ruby for verification. Since the flaw is purely in the verification logic, the attack requires only the ability to supply a crafted bundle, making the attack vector relatively straightforward for remote contributors or automated build systems.