[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2007-1399":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":18,"aliases":43,"duplicate_of":9,"upstream":44,"downstream":45,"duplicates":48,"related":49,"reserved_at":9,"published_at":50,"modified_at":51,"state":52,"summary":53,"references_raw":60,"kevs":116,"epss":117,"epss_history":120,"metrics":361,"affected":368},"CVE-2007-1399","Stack-based buffer overflow in the zip:// URL wrapper in PECL ZIP 1.8.3 and earlier, as bundled with PHP 5.2.0 and 5.2.1, allows remote attackers to execute arbitrary code via a long zip:// URL, as demonstrated by actively triggering URL access from a remote PHP interpreter via avatar upload or blog pingback.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"NVD-CWE-OTHER","Other","NVD uses this CWE ID when the weakness does not map to any existing CWE entry.","placeholder","NVD-Reserved",[],[19,28],{"_key":20,"name":21,"source":22,"url":23,"maturity":24,"reliability_score":25,"verified":26,"type":9,"platforms":27,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_B3A325FE5AE4A007","Exploit Reference (php-security.org)","reference","http://www.php-security.org/MOPB/MOPB-16-2007.html","unknown",0.2,false,[],{"_key":29,"name":30,"source":31,"url":32,"maturity":33,"reliability_score":34,"verified":35,"type":36,"platforms":37,"requires_auth":9,"exploitdb":39,"metasploit":9},"3440","PHP 5.2.0 / PHP with PECL ZIP 1.8.3 - 'zip://' URL Wrapper Buffer Overflow","exploit-database","https://www.exploit-db.com/exploits/3440","weaponized",0.8,true,"local",[38],"linux",{"verified":35,"type":36,"platform":38,"file":40,"codes":41},"exploits/linux/local/3440.php",[42,7],"OSVDB-32782",[],[],[46],{"_key":47},"DSA-1330-1",[],[],"2007-03-10T22:00:00.000Z","2024-08-07T12:50:35.275Z","Analyzed",{"cisa_kev":26,"cisa_ransomware":26,"cisa_vendor":9,"epss_severity":54,"epss_score":55,"severity":54,"severity_score":56,"severity_version":57,"severity_source":58,"severity_vector":59,"severity_status":52},"high",0.3902,10,"v2.0","nvd","AV:N/AC:L/Au:N/C:C/I:C/A:C",[61,68,75,82,87,92,98,103,107,112],{"url":23,"sources":62,"tags":64},[63,58],"cve.org",[65,66,67],"X Refsource MISC","Exploit","Vendor Advisory",{"url":69,"sources":70,"tags":71},"http://secunia.com/advisories/24514",[63,58],[72,73,74],"Third Party Advisory","X Refsource SECUNIA","Not Applicable",{"url":76,"sources":77,"tags":78},"http://www.osvdb.org/32782",[63,58],[79,80,81],"VDB Entry","X Refsource OSVDB","Broken Link",{"url":83,"sources":84,"tags":85},"http://www.securityfocus.com/bid/22883",[63,58],[79,86,81],"X Refsource BID",{"url":88,"sources":89,"tags":90},"http://lists.suse.com/archive/suse-security-announce/2007-Mar/0003.html",[63,58],[67,91,81],"X Refsource SUSE",{"url":93,"sources":94,"tags":95},"http://www.debian.org/security/2007/dsa-1330",[63,58],[67,96,97,72],"X Refsource DEBIAN","Mailing List",{"url":99,"sources":100,"tags":101},"http://www.vupen.com/english/advisories/2007/0898",[63,58],[79,102,74],"X Refsource VUPEN",{"url":104,"sources":105,"tags":106},"http://secunia.com/advisories/24471",[63,58],[72,73,74],{"url":108,"sources":109,"tags":110},"https://exchange.xforce.ibmcloud.com/vulnerabilities/32889",[63,58],[79,111,72],"X Refsource XF",{"url":113,"sources":114,"tags":115},"http://secunia.com/advisories/25938",[63,58],[72,73,74],[],{"date":118,"score":55,"percentile":119},"2026-06-04",0.97352,[121,125,128,131,134,136,138,141,143,146,149,152,154,156,158,161,164,167,170,173,176,179,181,183,186,189,191,194,197,200,202,204,207,210,212,214,216,219,222,225,228,231,234,237,240,242,245,247,250,252,254,257,260,263,267,270,273,275,278,281,284,286,289,292,295,297,300,303,305,307,309,312,315,317,320,322,325,327,329,332,335,338,341,344,347,349,351,353,355,358],{"date":122,"score":123,"percentile":124},"2025-11-04",0.34532,0.96797,{"date":126,"score":123,"percentile":127},"2025-11-05",0.96799,{"date":129,"score":123,"percentile":130},"2025-11-06",0.96802,{"date":132,"score":123,"percentile":133},"2025-11-07",0.96804,{"date":135,"score":123,"percentile":133},"2025-11-08",{"date":137,"score":123,"percentile":130},"2025-11-09",{"date":139,"score":123,"percentile":140},"2025-11-10",0.96803,{"date":142,"score":123,"percentile":133},"2025-11-11",{"date":144,"score":123,"percentile":145},"2025-11-12",0.96807,{"date":147,"score":123,"percentile":148},"2025-11-13",0.96808,{"date":150,"score":123,"percentile":151},"2025-11-14",0.96809,{"date":153,"score":123,"percentile":148},"2025-11-15",{"date":155,"score":123,"percentile":148},"2025-11-16",{"date":157,"score":123,"percentile":151},"2025-11-17",{"date":159,"score":123,"percentile":160},"2025-11-18",0.9677,{"date":162,"score":123,"percentile":163},"2025-11-19",0.96771,{"date":165,"score":123,"percentile":166},"2025-11-20",0.96773,{"date":168,"score":123,"percentile":169},"2025-11-21",0.96816,{"date":171,"score":123,"percentile":172},"2025-11-22",0.96814,{"date":174,"score":123,"percentile":175},"2025-11-23",0.96812,{"date":177,"score":123,"percentile":178},"2025-11-24",0.96817,{"date":180,"score":123,"percentile":169},"2025-11-25",{"date":182,"score":123,"percentile":178},"2025-11-26",{"date":184,"score":123,"percentile":185},"2025-11-27",0.96819,{"date":187,"score":123,"percentile":188},"2025-11-28",0.96818,{"date":190,"score":123,"percentile":185},"2025-11-29",{"date":192,"score":123,"percentile":193},"2025-11-30",0.9682,{"date":195,"score":123,"percentile":196},"2025-12-01",0.96846,{"date":198,"score":123,"percentile":199},"2025-12-02",0.96845,{"date":201,"score":123,"percentile":199},"2025-12-03",{"date":203,"score":123,"percentile":193},"2025-12-04",{"date":205,"score":123,"percentile":206},"2025-12-05",0.96821,{"date":208,"score":123,"percentile":209},"2025-12-06",0.96822,{"date":211,"score":123,"percentile":193},"2025-12-07",{"date":213,"score":123,"percentile":193},"2025-12-08",{"date":215,"score":123,"percentile":209},"2025-12-09",{"date":217,"score":123,"percentile":218},"2025-12-10",0.96828,{"date":220,"score":123,"percentile":221},"2025-12-11",0.96829,{"date":223,"score":55,"percentile":224},"2025-12-12",0.97109,{"date":226,"score":55,"percentile":227},"2025-12-13",0.97111,{"date":229,"score":55,"percentile":230},"2025-12-14",0.97108,{"date":232,"score":55,"percentile":233},"2025-12-15",0.9711,{"date":235,"score":55,"percentile":236},"2025-12-16",0.97112,{"date":238,"score":55,"percentile":239},"2025-12-17",0.97115,{"date":241,"score":55,"percentile":239},"2025-12-18",{"date":243,"score":55,"percentile":244},"2025-12-19",0.97117,{"date":246,"score":55,"percentile":244},"2025-12-20",{"date":248,"score":55,"percentile":249},"2025-12-21",0.97116,{"date":251,"score":55,"percentile":239},"2025-12-22",{"date":253,"score":55,"percentile":249},"2025-12-23",{"date":255,"score":55,"percentile":256},"2025-12-24",0.97118,{"date":258,"score":55,"percentile":259},"2025-12-25",0.97122,{"date":261,"score":55,"percentile":262},"2025-12-26",0.97123,{"date":264,"score":265,"percentile":266},"2025-12-27",0.41517,0.97289,{"date":268,"score":55,"percentile":269},"2025-12-28",0.97124,{"date":271,"score":55,"percentile":272},"2025-12-29",0.97126,{"date":274,"score":55,"percentile":272},"2025-12-30",{"date":276,"score":55,"percentile":277},"2025-12-31",0.9713,{"date":279,"score":55,"percentile":280},"2026-01-01",0.97156,{"date":282,"score":55,"percentile":283},"2026-01-02",0.97155,{"date":285,"score":55,"percentile":280},"2026-01-03",{"date":287,"score":55,"percentile":288},"2026-01-04",0.97132,{"date":290,"score":55,"percentile":291},"2026-01-05",0.97133,{"date":293,"score":55,"percentile":294},"2026-01-06",0.97134,{"date":296,"score":55,"percentile":294},"2026-01-07",{"date":298,"score":55,"percentile":299},"2026-01-08",0.97135,{"date":301,"score":55,"percentile":302},"2026-01-09",0.97137,{"date":304,"score":55,"percentile":302},"2026-01-10",{"date":306,"score":55,"percentile":302},"2026-01-11",{"date":308,"score":55,"percentile":302},"2026-01-12",{"date":310,"score":55,"percentile":311},"2026-01-13",0.97138,{"date":313,"score":55,"percentile":314},"2026-01-14",0.97142,{"date":316,"score":55,"percentile":314},"2026-01-15",{"date":318,"score":55,"percentile":319},"2026-01-16",0.97145,{"date":321,"score":55,"percentile":319},"2026-01-17",{"date":323,"score":55,"percentile":324},"2026-01-18",0.97146,{"date":326,"score":55,"percentile":324},"2026-01-19",{"date":328,"score":55,"percentile":324},"2026-01-20",{"date":330,"score":55,"percentile":331},"2026-01-21",0.97147,{"date":333,"score":55,"percentile":334},"2026-01-22",0.97148,{"date":336,"score":55,"percentile":337},"2026-01-23",0.9715,{"date":339,"score":55,"percentile":340},"2026-01-24",0.97152,{"date":342,"score":55,"percentile":343},"2026-01-25",0.97153,{"date":345,"score":55,"percentile":346},"2026-01-26",0.97154,{"date":348,"score":55,"percentile":346},"2026-01-27",{"date":350,"score":55,"percentile":280},"2026-01-28",{"date":352,"score":55,"percentile":280},"2026-01-29",{"date":354,"score":55,"percentile":280},"2026-01-30",{"date":356,"score":55,"percentile":357},"2026-01-31",0.97158,{"date":359,"score":55,"percentile":360},"2026-02-01",0.97181,[362],{"source":58,"cvss_v2_0":363,"cvss_v3_0":9,"cvss_v3_1":364,"cvss_v4_0":9},{"baseScore":56,"baseSeverity":9,"vectorString":59,"impactScore":56,"exploitabilityScore":56},{"baseScore":365,"baseSeverity":366,"vectorString":367,"impactScore":365,"exploitabilityScore":56},9.8,"CRITICAL","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[369,377],{"ecosystem":9,"name":370,"vendor":9,"product":370,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":371},"PHP",[372,375],{"version":373,"is_range":26,"range_type":374,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.2.0","cpe",{"version":376,"is_range":26,"range_type":374,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"5.2.1",{"ecosystem":9,"name":378,"vendor":379,"product":380,"cpe_part":381,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":382},"php zip","pierrejoye","php_zip","a",[383],{"version":384,"is_range":35,"range_type":374,"version_start":9,"version_start_type":9,"version_end":385,"version_end_type":386,"fixed_in":9},"lt1.8.4","1.8.4","excluding"]