CVE-2019-16760HIGHCVSS 7.5≥ 1.0.0, < 1.26.02019-09-30
CVE-2019-16760 [MEDIUM] CWE-16 CVE-2019-16760: Cargo prior to Rust 1.26.0 may download the wrong dependency if your package.toml file uses the `pac
Cargo prior to Rust 1.26.0 may download the wrong dependency if your package.toml file uses the `package` configuration key. Usage of the `package` key to rename dependencies in `Cargo.toml` is ignored in Rust 1.25.0 and prior. When Rust 1.25.0 and prior is used Cargo may download the wrong dependency, which could be squatted on crates.io to be a mal
cvelistv5nvd