products / rust

Rust

Rust is tracked as cpe:2.3:a:rust-lang:rust. CVE assignments are newer than for legacy runtimes; confirm eligibility with scripts/test_nvd.py before relying on broad marketing claims.

api usage

Querying Rust

product slugrust

version format1.70.0, 1.82.0, semver

bash

curl "https://api.attestd.io/v1/check?product=rust&version=1.70.0" \
  -H "Authorization: Bearer $ATTESTD_KEY"

json

{
  "product": "rust",
  "version": "1.70.0",
  "supported": true,
  "risk_state": "high",
  "risk_factors": [
    "command_injection",
    "patch_available"
  ],
  "actively_exploited": false,
  "remote_exploitable": false,
  "authentication_required": false,
  "patch_available": true,
  "fixed_version": "1.77.2",
  "confidence": 0.72,
  "cve_ids": ["CVE-2024-24576"],
  "last_updated": "2026-05-13T18:00:00Z",
  "supply_chain": null
}

safe version

bash

curl "https://api.attestd.io/v1/check?product=rust&version=1.82.0" \
  -H "Authorization: Bearer $ATTESTD_KEY"

notable cves

CVE history

CVE	Description	CVSS
`CVE-2024-24576`	Windows: improper escaping when invoking batch files — command injection on special device names.	10.0

All products Go Python Response Field Reference