pkg:Debian/rust-cargo

7 total CVEsHIGH1MEDIUM5LOW1

✅ Check your installed version

All known vulnerabilities

  • HIGH7.9CVE-2023-38497Cargo not respecting umask when extracting crate archives
    from 0
  • MEDIUM6.5CVE-2026-5222Cargo between 1.68 and 1.96 incorrectly normalized the URLs of third-party registries using the sparse index protocol.
    from 0
  • MEDIUM6.1CVE-2023-40030Malicious dependencies can inject arbitrary JavaScript into cargo-generated timing reports
    from 0
  • MEDIUM5.3CVE-2026-5223Cargo incorrectly handled symlinks inside of crate tarballs downloaded from third-party registries, allowing a malicious crate to override…
    from 0
  • MEDIUM5.3CVE-2022-46176Cargo did not verify SSH host keys
    from 0
  • MEDIUM4.2CVE-2022-36114Cargo extracting malicious crates can fill the file system
    from 0
  • LOW3.9CVE-2022-36113Cargo extracting malicious crates can corrupt arbitrary files
    from 0