Astral Astral-tokio-tar — known CVE vulnerabilities
Every CVE whose affected-product data names Astral Astral-tokio-tar, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
CVE-2026-32766 — CVSS 5.3 (medium): astral-tokio-tar is a tar archive reading/writing library for async Rust. In versions 0.5.6 and earlier, malformed PAX extensions were…