Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/35575?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35575?format=api", "vulnerability_id": "VCID-wcjb-xc6g-g7d4", "summary": "Open-iSCSI rtslib-fb through 2.1.72 has weak permissions for /etc/target/saveconfig.json because shutil.copyfile (instead of shutil.copy) is used, and thus permissions are not preserved.", "aliases": [ { "alias": "CVE-2020-14019" }, { "alias": "PYSEC-2020-250" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17033?format=api", "purl": "pkg:pypi/rtslib-fb@2.1.73", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/rtslib-fb@2.1.73" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/17009?format=api", "purl": "pkg:pypi/rtslib-fb@2.1.31", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wcjb-xc6g-g7d4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/rtslib-fb@2.1.31" }, { "url": "http://public2.vulnerablecode.io/api/packages/17010?format=api", "purl": "pkg:pypi/rtslib-fb@2.1.32", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wcjb-xc6g-g7d4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/rtslib-fb@2.1.32" }, { "url": "http://public2.vulnerablecode.io/api/packages/17011?format=api", "purl": "pkg:pypi/rtslib-fb@2.1.35", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wcjb-xc6g-g7d4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/rtslib-fb@2.1.35" }, { "url": "http://public2.vulnerablecode.io/api/packages/17012?format=api", "purl": "pkg:pypi/rtslib-fb@2.1.36", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wcjb-xc6g-g7d4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/rtslib-fb@2.1.36" }, { "url": "http://public2.vulnerablecode.io/api/packages/17013?format=api", "purl": "pkg:pypi/rtslib-fb@2.1.37", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wcjb-xc6g-g7d4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/rtslib-fb@2.1.37" }, { "url": "http://public2.vulnerablecode.io/api/packages/17014?format=api", "purl": "pkg:pypi/rtslib-fb@2.1.38", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wcjb-xc6g-g7d4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/rtslib-fb@2.1.38" }, { "url": "http://public2.vulnerablecode.io/api/packages/17015?format=api", "purl": "pkg:pypi/rtslib-fb@2.1.39", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wcjb-xc6g-g7d4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/rtslib-fb@2.1.39" }, { "url": "http://public2.vulnerablecode.io/api/packages/17016?format=api", "purl": "pkg:pypi/rtslib-fb@2.1.40", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wcjb-xc6g-g7d4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/rtslib-fb@2.1.40" }, { "url": "http://public2.vulnerablecode.io/api/packages/17017?format=api", "purl": "pkg:pypi/rtslib-fb@2.1.43", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wcjb-xc6g-g7d4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/rtslib-fb@2.1.43" }, { "url": "http://public2.vulnerablecode.io/api/packages/17018?format=api", "purl": "pkg:pypi/rtslib-fb@2.1.47", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wcjb-xc6g-g7d4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/rtslib-fb@2.1.47" }, { "url": "http://public2.vulnerablecode.io/api/packages/17019?format=api", "purl": "pkg:pypi/rtslib-fb@2.1.49", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wcjb-xc6g-g7d4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/rtslib-fb@2.1.49" }, { "url": "http://public2.vulnerablecode.io/api/packages/17020?format=api", "purl": "pkg:pypi/rtslib-fb@2.1.51", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wcjb-xc6g-g7d4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/rtslib-fb@2.1.51" }, { "url": "http://public2.vulnerablecode.io/api/packages/17021?format=api", "purl": "pkg:pypi/rtslib-fb@2.1.56", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wcjb-xc6g-g7d4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/rtslib-fb@2.1.56" }, { "url": "http://public2.vulnerablecode.io/api/packages/17022?format=api", "purl": "pkg:pypi/rtslib-fb@2.1.57", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wcjb-xc6g-g7d4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/rtslib-fb@2.1.57" }, { "url": "http://public2.vulnerablecode.io/api/packages/17023?format=api", "purl": "pkg:pypi/rtslib-fb@2.1.58", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wcjb-xc6g-g7d4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/rtslib-fb@2.1.58" }, { "url": "http://public2.vulnerablecode.io/api/packages/17024?format=api", "purl": "pkg:pypi/rtslib-fb@2.1.61", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wcjb-xc6g-g7d4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/rtslib-fb@2.1.61" }, { "url": "http://public2.vulnerablecode.io/api/packages/17025?format=api", "purl": "pkg:pypi/rtslib-fb@2.1.62", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wcjb-xc6g-g7d4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/rtslib-fb@2.1.62" }, { "url": "http://public2.vulnerablecode.io/api/packages/17026?format=api", "purl": "pkg:pypi/rtslib-fb@2.1.63", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wcjb-xc6g-g7d4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/rtslib-fb@2.1.63" }, { "url": "http://public2.vulnerablecode.io/api/packages/17027?format=api", "purl": "pkg:pypi/rtslib-fb@2.1.64", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wcjb-xc6g-g7d4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/rtslib-fb@2.1.64" }, { "url": "http://public2.vulnerablecode.io/api/packages/17028?format=api", "purl": "pkg:pypi/rtslib-fb@2.1.65", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wcjb-xc6g-g7d4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/rtslib-fb@2.1.65" }, { "url": "http://public2.vulnerablecode.io/api/packages/17029?format=api", "purl": "pkg:pypi/rtslib-fb@2.1.66", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wcjb-xc6g-g7d4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/rtslib-fb@2.1.66" }, { "url": "http://public2.vulnerablecode.io/api/packages/17030?format=api", "purl": "pkg:pypi/rtslib-fb@2.1.69", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wcjb-xc6g-g7d4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/rtslib-fb@2.1.69" }, { "url": "http://public2.vulnerablecode.io/api/packages/17031?format=api", "purl": "pkg:pypi/rtslib-fb@2.1.71", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wcjb-xc6g-g7d4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/rtslib-fb@2.1.71" }, { "url": "http://public2.vulnerablecode.io/api/packages/17032?format=api", "purl": "pkg:pypi/rtslib-fb@2.1.72", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-wcjb-xc6g-g7d4" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/rtslib-fb@2.1.72" } ], "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00012.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00012.html" }, { "reference_url": "https://github.com/open-iscsi/rtslib-fb/pull/162", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/open-iscsi/rtslib-fb/pull/162" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNMCV2DJJTX345YYBXAMJBXNNVUZQ5UH/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TNMCV2DJJTX345YYBXAMJBXNNVUZQ5UH/" } ], "weaknesses": [], "exploits": [], "severity_range_score": null, "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wcjb-xc6g-g7d4" }