Rust

Introduction

JFrog Xray provides security and compliance analysis for Rust applications throughout the software development lifecycle. This page describes the supported scan contexts, capabilities, and dependency analysis available for Rust.

Capabilities

Capability	Source Code Scanning	Binary Scanning
Vulnerability Matching (CVEs)	🔜	✅
License Detection	🔜	✅
Malicious Package Detection	🔜	✅
Operational Risk	❌	❌
Smart Remediation	❌	❌

SCA capabilities are not currently available for Rust in the source code scanning context.

Supported Files

Package Manager	Supported Files
Cargo	❌ Not supported

Additional Information

Binary scanning is the primary method for Rust SCA analysis. Frogbot V3 will add dependency extraction from Cargo.lock for SBOM visibility.