Information on source package cargo

Available versions

ReleaseVersion
jessie0.35.0-2~deb8u1
stretch0.43.1-3~deb9u1
buster0.43.1-3~deb10u1
bullseye0.47.0-3
bookworm0.66.0+ds1-1

Open issues

BugjessiestretchbusterbullseyebookwormDescription
CVE-2023-40030vulnerablevulnerablevulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA, ignored)Cargo downloads a Rust project\u2019s dependencies and compiles the pr ...
CVE-2023-38497vulnerablevulnerablevulnerable (no DSA, postponed)vulnerable (no DSA)vulnerable (no DSA, ignored)Cargo downloads the Rust project\u2019s dependencies and compiles the ...
CVE-2022-46176vulnerablevulnerablevulnerable (no DSA)vulnerable (no DSA)fixedCargo is a Rust package manager. The Rust Security Response WG was not ...
CVE-2022-36114vulnerablevulnerablevulnerable (no DSA)vulnerable (no DSA)fixedCargo is a package manager for the rust programming language. It was d ...
CVE-2022-36113vulnerablevulnerablevulnerable (no DSA)vulnerable (no DSA)fixedCargo is a package manager for the rust programming language. After a ...

Resolved issues

BugDescription
CVE-2019-16760Cargo prior to Rust 1.26.0 may download the wrong dependency if your p ...
CVE-2016-10130The http_connect function in transports/http.c in libgit2 before 0.24. ...
CVE-2016-10129The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x bef ...
CVE-2016-10128Buffer overflow in the git_pkt_parse_line function in transports/smart ...
CVE-2016-8569The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows ...
CVE-2016-8568The git_commit_message function in oid.c in libgit2 before 0.24.3 allo ...

Search for package or bug name: Reporting problems