pkg:Debian/rust-cargo

所有已知漏洞

• HIGH7.9CVE-2023-38497Cargo not respecting umask when extracting crate archives
  from 0
• MEDIUM6.5CVE-2026-5222Cargo between 1.68 and 1.96 incorrectly normalized the URLs of third-party registries using the sparse index protocol.
  from 0
• MEDIUM6.1CVE-2023-40030Malicious dependencies can inject arbitrary JavaScript into cargo-generated timing reports
  from 0
• MEDIUM5.3CVE-2026-5223Cargo incorrectly handled symlinks inside of crate tarballs downloaded from third-party registries, allowing a malicious crate to override…
  from 0
• MEDIUM5.3CVE-2022-46176Cargo did not verify SSH host keys
  from 0
• MEDIUM4.2CVE-2022-36114Cargo extracting malicious crates can fill the file system
  from 0
• LOW3.9CVE-2022-36113Cargo extracting malicious crates can corrupt arbitrary files
  from 0