VDB

GCVE-110-MAGEIA-2020-336

GCVE-110-MAGEIA-2020-336
Advisory Published
Vulnetix · Advisory published August 18, 2020
Open-iSCSI rtslib-fb through 2.1.72 has weak permissions for /etc/target/saveconfig.json because shutil.copyfile (instead of shutil.copy) is used and thus permissions are not preserved upon editing. An adversary with prior access to /etc/target/saveconfig.json could access a later version, resulting in a loss of integrity depending on their permission settings (CVE-2020-14019).

Affected Products

VendorProductVersionsPlatforms
Mageiapython-rtslib0 (affected), 2.1.73-1.mga7 (unaffected)

Browse GCVE Records

73,834 records in the GCVE database · Updated July 19, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›