cargo

CVE-2023-40030 | cargo

August 24, 2023August 25, 2023

Cargo downloads a Rust project’s dependencies and compiles the project. Starting in Rust 1.60.0 and prior to 1.72, Cargo did not escape Cargo feature names… Read More »CVE-2023-40030 | cargo

CVE-2022-36114 | cargo

August 14, 2023August 15, 2023

Cargo is a package manager for the rust programming language. It was discovered that Cargo did not limit the amount of data extracted from compressed… Read More »CVE-2022-36114 | cargo

CVE-2022-36113 | cargo

August 14, 2023August 15, 2023

Cargo is a package manager for the rust programming language. After a package is downloaded, Cargo extracts its source code in the ~/.cargo folder on… Read More »CVE-2022-36113 | cargo

CVE-2023-38497 | cargo

August 4, 2023August 18, 2023

Cargo downloads the Rust project’s dependencies and compiles the project. Cargo prior to version 0.72.2, bundled with Rust prior to version 1.71.1, did not respect… Read More »CVE-2023-38497 | cargo