Vuln
·
Scope
Home
Packages
KEV
Critical
Insights
Jobs
Pricing
EN
中
Loading…
crates.io/cargo — 6 CVEs · VulnScope
pkg:crates.io/
cargo
6 total CVEs
HIGH
2
MEDIUM
3
LOW
1
✅ Check your installed version
Check
All known vulnerabilities
HIGH
7.9
CVE-2023-38497
Cargo not respecting umask when extracting crate archives
from 0, < 0.72.2
HIGH
7.5
CVE-2019-16760
Cargo prior to Rust 1.26.0 may download the wrong dependency
from 0, < 0.27.0
MEDIUM
6.1
CVE-2023-40030
Malicious dependencies can inject arbitrary JavaScript into cargo-generated timing reports
>= 1.60.0, < 1.72
MEDIUM
5.3
Cargo did not verify SSH host keys
from 0, < 0.67.1
MEDIUM
4.2
Cargo extracting malicious crates can fill the file system
from 0, < 0.65.0
LOW
3.9
Cargo extracting malicious crates can corrupt arbitrary files
from 0, < 0.65.0
CVE-2022-46176
CVE-2022-36114
CVE-2022-36113