Release | Version |
---|---|
buster | 0.43.1-3~deb10u1 |
bullseye | 0.47.0-3 |
bookworm | 0.66.0+ds1-1 |
trixie | 0.66.0+ds1-1 |
sid | 0.66.0+ds1-1 |
Bug | buster | bullseye | bookworm | trixie | sid | Description |
---|---|---|---|---|---|---|
CVE-2023-38497 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | Cargo downloads the Rust project\u2019s dependencies and compiles the ... |
CVE-2022-46176 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | Cargo is a Rust package manager. The Rust Security Response WG was not ... |
CVE-2022-36114 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | Cargo is a package manager for the rust programming language. It was d ... |
CVE-2022-36113 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | Cargo is a package manager for the rust programming language. After a ... |
Bug | Description |
---|---|
CVE-2019-16760 | Cargo prior to Rust 1.26.0 may download the wrong dependency if your p ... |
CVE-2016-10130 | The http_connect function in transports/http.c in libgit2 before 0.24. ... |
CVE-2016-10129 | The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x bef ... |
CVE-2016-10128 | Buffer overflow in the git_pkt_parse_line function in transports/smart ... |
CVE-2016-8569 | The git_oid_nfmt function in commit.c in libgit2 before 0.24.3 allows ... |
CVE-2016-8568 | The git_commit_message function in oid.c in libgit2 before 0.24.3 allo ... |