CVE-2023-38497 - How a Cargo Bug Could Let Local Attackers Hack Your Rust Projects
The open-source Rust language is known for its focus on safety and secure builds, but in 2023, a nasty vulnerability slipped through the cracks—affecting
CVE-2022-46176 - How Cargo’s Missed SSH Host Key Check Opened the Door to MITM Attacks
CVE-2022-46176 is a serious vulnerability that affected the Cargo package manager, the tool used by most Rust programmers. This bug allowed attackers to perform man-in-the-middle