[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2020-15113":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":19,"aliases":20,"duplicate_of":9,"upstream":23,"downstream":24,"duplicates":35,"related":36,"reserved_at":9,"published_at":39,"modified_at":40,"state":41,"summary":42,"references_raw":51,"kevs":84,"epss":85,"epss_history":88,"metrics":352,"affected":371},"CVE-2020-15113","In etcd before versions 3.3.23 and 3.4.10, certain directory paths are created (etcd data directory and the directory path when provided to automatically generate self-signed certificates for TLS connections with clients) with restricted access permissions (700) by using the os.MkdirAll. This function does not perform any permission checks when a given directory path exists already. A possible workaround is to ensure the directories have the desired permission (700).",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-281","Improper Preservation of Permissions","The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.","weakness","Draft","Base",[],[],[21,22],"GHSA-chh6-ppwq-jh92","BIT-etcd-2020-15113",[],[25,27,29,31,33],{"_key":26},"USN-5628-1",{"_key":28},"USN-5628-2",{"_key":30},"DEBIAN-CVE-2020-15113",{"_key":32},"RHSA-2021:0916",{"_key":34},"UBUNTU-CVE-2020-15113",[],[37],{"_key":38},"CGA-RM48-C4RX-Q7XP","2020-08-05T19:30:13.000Z","2024-08-04T13:08:22.262Z","Modified",{"cisa_kev":43,"cisa_ransomware":43,"cisa_vendor":9,"epss_severity":44,"epss_score":45,"severity":46,"severity_score":47,"severity_version":48,"severity_source":49,"severity_vector":50,"severity_status":41},false,"low",0.00024,"high",7.1,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",[52,61,67,72,76,80],{"url":53,"sources":54,"tags":57},"https://github.com/etcd-io/etcd/security/advisories/GHSA-chh6-ppwq-jh92",[55,49,56],"cve.org","osv_go",[58,59,60],"X Refsource CONFIRM","Third Party Advisory","WEB",{"url":62,"sources":63,"tags":64},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L6B6R43Y7M3DCHWK3L3UVGE2K6WWECMP/",[55,49],[65,66],"Vendor Advisory","X Refsource FEDORA",{"url":68,"sources":69,"tags":70},"https://nvd.nist.gov/vuln/detail/CVE-2020-15113",[56],[71],"Advisory",{"url":73,"sources":74,"tags":75},"https://github.com/etcd-io/etcd/commit/6be5c54c94298ae6746a574d2af8227d0c9a998b",[56],[60],{"url":77,"sources":78,"tags":79},"https://github.com/etcd-io/etcd/commit/e5424fc474b274c9e6b5205165015bc2035745f2",[56],[60],{"url":81,"sources":82,"tags":83},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6B6R43Y7M3DCHWK3L3UVGE2K6WWECMP",[56],[60],[],{"date":86,"score":45,"percentile":87},"2026-06-04",0.07176,[89,93,96,99,102,105,107,110,113,116,119,122,125,128,131,135,138,140,143,146,149,152,155,158,161,164,167,170,173,176,179,182,185,188,190,193,196,199,202,205,208,211,214,217,220,223,226,229,232,235,238,241,244,246,249,252,255,258,261,264,267,270,273,275,278,281,284,287,290,293,295,298,301,304,306,309,312,315,317,320,323,326,329,331,334,337,340,343,346,349],{"date":90,"score":91,"percentile":92},"2025-11-04",0.00023,0.04766,{"date":94,"score":91,"percentile":95},"2025-11-05",0.04778,{"date":97,"score":91,"percentile":98},"2025-11-06",0.04892,{"date":100,"score":91,"percentile":101},"2025-11-07",0.049,{"date":103,"score":91,"percentile":104},"2025-11-08",0.04898,{"date":106,"score":91,"percentile":104},"2025-11-09",{"date":108,"score":91,"percentile":109},"2025-11-10",0.04879,{"date":111,"score":91,"percentile":112},"2025-11-11",0.04917,{"date":114,"score":91,"percentile":115},"2025-11-12",0.04931,{"date":117,"score":91,"percentile":118},"2025-11-13",0.04964,{"date":120,"score":91,"percentile":121},"2025-11-14",0.04999,{"date":123,"score":91,"percentile":124},"2025-11-15",0.05021,{"date":126,"score":91,"percentile":127},"2025-11-16",0.05033,{"date":129,"score":91,"percentile":130},"2025-11-17",0.05032,{"date":132,"score":133,"percentile":134},"2025-11-18",0.00032,0.04903,{"date":136,"score":133,"percentile":137},"2025-11-19",0.04943,{"date":139,"score":133,"percentile":121},"2025-11-20",{"date":141,"score":91,"percentile":142},"2025-11-21",0.05083,{"date":144,"score":91,"percentile":145},"2025-11-22",0.05085,{"date":147,"score":91,"percentile":148},"2025-11-23",0.05076,{"date":150,"score":91,"percentile":151},"2025-11-24",0.0506,{"date":153,"score":91,"percentile":154},"2025-11-25",0.05072,{"date":156,"score":91,"percentile":157},"2025-11-26",0.0511,{"date":159,"score":91,"percentile":160},"2025-11-27",0.05128,{"date":162,"score":91,"percentile":163},"2025-11-28",0.05111,{"date":165,"score":91,"percentile":166},"2025-11-29",0.05159,{"date":168,"score":91,"percentile":169},"2025-11-30",0.05154,{"date":171,"score":91,"percentile":172},"2025-12-01",0.05241,{"date":174,"score":91,"percentile":175},"2025-12-02",0.05256,{"date":177,"score":91,"percentile":178},"2025-12-03",0.0528,{"date":180,"score":91,"percentile":181},"2025-12-04",0.05232,{"date":183,"score":91,"percentile":184},"2025-12-05",0.05295,{"date":186,"score":91,"percentile":187},"2025-12-06",0.05305,{"date":189,"score":91,"percentile":187},"2025-12-07",{"date":191,"score":91,"percentile":192},"2025-12-08",0.0531,{"date":194,"score":91,"percentile":195},"2025-12-09",0.0535,{"date":197,"score":91,"percentile":198},"2025-12-10",0.05414,{"date":200,"score":91,"percentile":201},"2025-12-11",0.05416,{"date":203,"score":91,"percentile":204},"2025-12-12",0.05442,{"date":206,"score":91,"percentile":207},"2025-12-13",0.05488,{"date":209,"score":91,"percentile":210},"2025-12-14",0.05468,{"date":212,"score":91,"percentile":213},"2025-12-15",0.05438,{"date":215,"score":91,"percentile":216},"2025-12-16",0.05447,{"date":218,"score":91,"percentile":219},"2025-12-17",0.05511,{"date":221,"score":91,"percentile":222},"2025-12-18",0.05551,{"date":224,"score":91,"percentile":225},"2025-12-19",0.05536,{"date":227,"score":91,"percentile":228},"2025-12-20",0.05535,{"date":230,"score":91,"percentile":231},"2025-12-21",0.05529,{"date":233,"score":91,"percentile":234},"2025-12-22",0.05477,{"date":236,"score":91,"percentile":237},"2025-12-23",0.05489,{"date":239,"score":91,"percentile":240},"2025-12-24",0.05521,{"date":242,"score":91,"percentile":243},"2025-12-25",0.05556,{"date":245,"score":91,"percentile":243},"2025-12-26",{"date":247,"score":91,"percentile":248},"2025-12-27",0.05555,{"date":250,"score":91,"percentile":251},"2025-12-28",0.05546,{"date":253,"score":91,"percentile":254},"2025-12-29",0.05537,{"date":256,"score":91,"percentile":257},"2025-12-30",0.05497,{"date":259,"score":91,"percentile":260},"2025-12-31",0.05531,{"date":262,"score":91,"percentile":263},"2026-01-01",0.05604,{"date":265,"score":91,"percentile":266},"2026-01-02",0.05597,{"date":268,"score":91,"percentile":269},"2026-01-03",0.05561,{"date":271,"score":91,"percentile":272},"2026-01-04",0.05466,{"date":274,"score":91,"percentile":201},"2026-01-05",{"date":276,"score":91,"percentile":277},"2026-01-06",0.05412,{"date":279,"score":91,"percentile":280},"2026-01-07",0.05433,{"date":282,"score":91,"percentile":283},"2026-01-08",0.05495,{"date":285,"score":91,"percentile":286},"2026-01-09",0.05498,{"date":288,"score":91,"percentile":289},"2026-01-10",0.05506,{"date":291,"score":91,"percentile":292},"2026-01-11",0.05492,{"date":294,"score":91,"percentile":207},"2026-01-12",{"date":296,"score":91,"percentile":297},"2026-01-13",0.05479,{"date":299,"score":91,"percentile":300},"2026-01-14",0.05523,{"date":302,"score":91,"percentile":303},"2026-01-15",0.05508,{"date":305,"score":91,"percentile":219},"2026-01-16",{"date":307,"score":91,"percentile":308},"2026-01-17",0.05522,{"date":310,"score":91,"percentile":311},"2026-01-18",0.05516,{"date":313,"score":91,"percentile":314},"2026-01-19",0.05475,{"date":316,"score":91,"percentile":216},"2026-01-20",{"date":318,"score":91,"percentile":319},"2026-01-21",0.05445,{"date":321,"score":91,"percentile":322},"2026-01-22",0.05425,{"date":324,"score":91,"percentile":325},"2026-01-23",0.05484,{"date":327,"score":91,"percentile":328},"2026-01-24",0.05528,{"date":330,"score":91,"percentile":314},"2026-01-25",{"date":332,"score":91,"percentile":333},"2026-01-26",0.05451,{"date":335,"score":91,"percentile":336},"2026-01-27",0.0543,{"date":338,"score":91,"percentile":339},"2026-01-28",0.05415,{"date":341,"score":91,"percentile":342},"2026-01-29",0.05426,{"date":344,"score":91,"percentile":345},"2026-01-30",0.05423,{"date":347,"score":91,"percentile":348},"2026-01-31",0.0542,{"date":350,"score":91,"percentile":351},"2026-02-01",0.0549,[353,360,369],{"source":55,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":354,"cvss_v4_0":9},{"baseScore":355,"baseSeverity":356,"vectorString":357,"impactScore":358,"exploitabilityScore":359},5.7,"MEDIUM","CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",8.7,1.3,{"source":49,"cvss_v2_0":361,"cvss_v3_0":9,"cvss_v3_1":366,"cvss_v4_0":9},{"baseScore":362,"baseSeverity":9,"vectorString":363,"impactScore":364,"exploitabilityScore":365},3.6,"AV:L/AC:L/Au:N/C:P/I:P/A:N",4.9,3.9,{"baseScore":47,"baseSeverity":367,"vectorString":50,"impactScore":358,"exploitabilityScore":368},"HIGH",4.6,{"source":56,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":370,"cvss_v4_0":9},{"baseScore":355,"baseSeverity":9,"vectorString":357,"impactScore":358,"exploitabilityScore":359},[372,385,394,401],{"ecosystem":9,"name":373,"vendor":374,"product":373,"cpe_part":375,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":376},"etcd","etcd-io","a",[377,382],{"version":378,"is_range":379,"range_type":55,"version_start":9,"version_start_type":9,"version_end":380,"version_end_type":381,"fixed_in":9},"\u003C 3.3.23",true,"3.3.23","excluding",{"version":383,"is_range":379,"range_type":55,"version_start":9,"version_start_type":9,"version_end":384,"version_end_type":381,"fixed_in":9},"\u003C 3.4.10","3.4.10",{"ecosystem":9,"name":373,"vendor":373,"product":373,"cpe_part":375,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":386},[387,390],{"version":388,"is_range":379,"range_type":389,"version_start":9,"version_start_type":9,"version_end":380,"version_end_type":381,"fixed_in":9},"lt3.3.23","cpe",{"version":391,"is_range":379,"range_type":389,"version_start":392,"version_start_type":393,"version_end":384,"version_end_type":381,"fixed_in":9},"gte3.4.0_lt3.4.10","3.4.0","including",{"ecosystem":9,"name":395,"vendor":396,"product":395,"cpe_part":397,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":398},"fedora","fedoraproject","o",[399],{"version":400,"is_range":43,"range_type":389,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"32",{"ecosystem":402,"name":403,"vendor":404,"product":373,"cpe_part":9,"purl_type":405,"purl_namespace":404,"purl_name":373,"source":9,"versions":406},"Go","github.com/etcd-io/etcd","github.com/etcd-io","golang",[407,411],{"version":408,"is_range":379,"range_type":409,"version_start":410,"version_start_type":393,"version_end":384,"version_end_type":381,"fixed_in":9},"gte3_4_0_rc_0_lt3_4_10","semver","3.4.0-rc.0",{"version":412,"is_range":379,"range_type":409,"version_start":9,"version_start_type":9,"version_end":380,"version_end_type":381,"fixed_in":9},"lt3_3_23"]