rust Cargo Vulnerabilities

Rust Cargo vulnerabilities.

JSON RSS CSV 🔔 Create Alert Trigger

25 May 2026

Symlink Handling Issue in Cargo from Rust Language
CVE-2026-5223
Rust ProjectCargo6.5MEDIUM
URL Normalization Vulnerability in Cargo Affects Rust Programming Language
CVE-2026-5222
RustCargo2.3LOW

24 August 2023

Malicious dependencies can inject arbitrary JavaScript into cargo-generated timing reports
CVE-2023-40030
Rust-langCargo6.1MEDIUM

4 August 2023

Cargo not respecting umask when extracting crate archives
CVE-2023-38497
Rust-langCargo👾🟡7.8HIGH

11 January 2023

Cargo did not verify SSH host keys
CVE-2022-46176
Rust-langCargo5.3MEDIUM

14 September 2022

30 September 2019

Cargo prior to Rust 1.26.0 may download the wrong dependency
CVE-2019-16760
RustCargo4.6MEDIUM