Exposure of Cargo
Page builders10
exposure score
458
sites use
0
exploited
0
critical
CVEs
8 resultsCVE-2019-16760MEDIUMCargo prior to Rust 1.26.0 may download the wrong dependencyEPSS 1.3%CVE-2023-40030MEDIUMMalicious dependencies can inject arbitrary JavaScript into cargo-generated timing reportsEPSS 0.8%CVE-2022-36113MEDIUMExtracting malicious crates can corrupt arbitrary filesEPSS 0.8%CVE-2023-38497HIGHCargo not respecting umask when extracting crate archivesEPSS 0.8%CVE-2022-46176MEDIUMCargo did not verify SSH host keysEPSS 0.6%CVE-2022-36114MEDIUMExtracting malicious crates can fill the file systemEPSS 0.6%CVE-2026-5222LOWCargo can be coerced to share credentials between registriesEPSS 0.3%CVE-2026-5223MEDIUMCrates in third party registries can override the cached source of other cratesEPSS 0.3%
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →