CVE-2019-16760

creationtimestamp| type| source ---|---|--- 2024-10-21 16:00:45+00:00| seen| https://github.blog/security/supply-chain-security/securing-the-open-source-supply-chain-the-essential-role-of-cves/...

BELL-CVE-2019-16760 CVE-2019-16760 does not affect BellSoft software

Bulletin has no description...

SUSE CVE-2019-16760

Cargo prior to Rust 1.26.0 may download the wrong dependency if your package.toml file uses the package configuration key. Usage of the package key to rename dependencies in Cargo.toml is ignored in Rust 1.25.0 and prior. When Rust 1.25.0 and prior is used Cargo may download the wrong dependency,...

cargo-apk (>=0.3.1 <=0.4.0), cargo-authors (>=0.0.1 <=0.4.0) +33 more potentially affected by CVE-2019-16760 via cargo (>=0.10.0 <=0.26.0)

cargo CARGO version =0.10.0, =0.3.1, =0.0.1, =0.1.0, =0.1.0, =0.2.2, =0.1.1, =0.3.0, =0.1.0, =0.1.2, =0.1.0, =0.1.0, =0.4.0, =0.1.1, =0.5.1, =0.1.0, =0.2.1 and more Source cves: CVE-2019-16760 Source advisory: OSV:GHSA-9F3P-WVJ7-Q82X...

CVE-2020-16760

CVE-2020-16760 entry is rejected/not used; the candidate number was not assigned to any issues.

CVE-2020-16760

...

CVE-2019-16760

CVE-2019-16760 affects Cargo in Rust releases up to 1.25.0, where the package key in Cargo.toml can cause Cargo to download the wrong dependency. This could allow a malicious package to be substituted when building manifests (affecting locally written and crates.io published manifests). The advis...

CVE-2017-16760

Inedo BuildMaster before 5.8.2 has XSS...

CVE-2017-16760

Inedo BuildMaster is affected by a Cross‑Site Scripting (XSS) vulnerability in versions before 5.8.2. The CNVD entry states that a remote attacker could inject arbitrary web script or HTML, indicating a user‑triggered impact via the web interface. Public details identify BuildMaster prior to 5.8....