[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2020-7063":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":19,"aliases":29,"duplicate_of":9,"upstream":30,"downstream":31,"duplicates":64,"related":65,"reserved_at":9,"published_at":74,"modified_at":75,"state":76,"summary":77,"references_raw":85,"kevs":130,"epss":131,"epss_history":134,"metrics":406,"affected":422},"CVE-2020-7063","In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFromIterator() function, the files are added with default permissions (0666, or all access) even if the original files on the filesystem were with more restrictive permissions. This may result in files having more lax permissions than intended when such archive is extracted.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-281","Improper Preservation of Permissions","The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.","weakness","Draft","Base",[],[20],{"_key":21,"name":22,"source":23,"url":24,"maturity":25,"reliability_score":26,"verified":27,"type":9,"platforms":28,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_33E02C9235F82F5B","Exploit Reference (bugs.php.net)","reference","https://bugs.php.net/bug.php?id=79082","unknown",0.2,false,[],[],[],[32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62],{"_key":33},"SUSE-SU-2020:0622-1",{"_key":35},"SUSE-SU-2020:0647-1",{"_key":37},"SUSE-SU-2020:0658-1",{"_key":39},"SUSE-SU-2022:4067-1",{"_key":41},"OPENSUSE-SU-2020:0341-1",{"_key":43},"OPENSUSE-SU-2024:11167-1",{"_key":45},"OPENSUSE-SU-2024:11169-1",{"_key":47},"RHSA-2020:5275",{"_key":49},"DLA-2160-1",{"_key":51},"DSA-4717-1",{"_key":53},"DSA-4719-1",{"_key":55},"MGASA-2020-0119",{"_key":57},"UBUNTU-CVE-2020-7063",{"_key":59},"USN-4330-1",{"_key":61},"DEBIAN-CVE-2020-7063",{"_key":63},"RHSA-2020:3662",[],[66,67,68,69,70,71,72,73],{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":55},"2020-02-27T20:25:15.606Z","2024-09-16T16:49:14.274Z","Modified",{"cisa_kev":27,"cisa_ransomware":27,"cisa_vendor":9,"epss_severity":78,"epss_score":79,"severity":80,"severity_score":81,"severity_version":82,"severity_source":83,"severity_vector":84,"severity_status":76},"low",0.00301,"medium",5.5,"v3.1","cve.org","CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",[86,93,99,104,110,115,120,124],{"url":24,"sources":87,"tags":89},[83,88],"nvd",[90,91,92],"X Refsource MISC","Exploit","Vendor Advisory",{"url":94,"sources":95,"tags":96},"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00023.html",[83,88],[92,97,98],"X Refsource SUSE","Third Party Advisory",{"url":100,"sources":101,"tags":102},"https://security.gentoo.org/glsa/202003-57",[83,88],[92,103,98],"X Refsource GENTOO",{"url":105,"sources":106,"tags":107},"https://lists.debian.org/debian-lts-announce/2020/03/msg00034.html",[83,88],[108,109,98],"Mailing List","X Refsource MLIST",{"url":111,"sources":112,"tags":113},"https://usn.ubuntu.com/4330-1/",[83,88],[92,114,98],"X Refsource UBUNTU",{"url":116,"sources":117,"tags":118},"https://www.debian.org/security/2020/dsa-4717",[83,88],[92,119,98],"X Refsource DEBIAN",{"url":121,"sources":122,"tags":123},"https://www.debian.org/security/2020/dsa-4719",[83,88],[92,119,98],{"url":125,"sources":126,"tags":127},"https://www.tenable.com/security/tns-2021-14",[83,88],[128,129,98],"X Refsource CONFIRM","Patch",[],{"date":132,"score":79,"percentile":133},"2026-06-04",0.53696,[135,139,142,145,148,151,154,157,160,163,166,169,172,174,177,181,184,187,190,193,196,199,202,205,208,211,214,217,221,224,227,230,232,235,238,241,243,246,249,252,255,258,261,264,267,270,273,276,279,282,285,288,291,294,298,301,304,307,310,313,316,319,322,325,328,331,334,337,339,342,345,348,350,353,357,360,363,366,369,372,375,378,381,384,387,390,393,396,399,402],{"date":136,"score":137,"percentile":138},"2025-11-04",0.00314,0.54057,{"date":140,"score":137,"percentile":141},"2025-11-05",0.54018,{"date":143,"score":137,"percentile":144},"2025-11-06",0.54034,{"date":146,"score":137,"percentile":147},"2025-11-07",0.5406,{"date":149,"score":137,"percentile":150},"2025-11-08",0.54061,{"date":152,"score":137,"percentile":153},"2025-11-09",0.54059,{"date":155,"score":137,"percentile":156},"2025-11-10",0.54035,{"date":158,"score":137,"percentile":159},"2025-11-11",0.54047,{"date":161,"score":137,"percentile":162},"2025-11-12",0.54074,{"date":164,"score":137,"percentile":165},"2025-11-13",0.54084,{"date":167,"score":137,"percentile":168},"2025-11-14",0.54085,{"date":170,"score":137,"percentile":171},"2025-11-15",0.54081,{"date":173,"score":137,"percentile":150},"2025-11-16",{"date":175,"score":137,"percentile":176},"2025-11-17",0.54049,{"date":178,"score":179,"percentile":180},"2025-11-18",0.00484,0.62638,{"date":182,"score":179,"percentile":183},"2025-11-19",0.62652,{"date":185,"score":179,"percentile":186},"2025-11-20",0.6263,{"date":188,"score":137,"percentile":189},"2025-11-21",0.5407,{"date":191,"score":137,"percentile":192},"2025-11-22",0.54067,{"date":194,"score":137,"percentile":195},"2025-11-23",0.54031,{"date":197,"score":137,"percentile":198},"2025-11-24",0.54024,{"date":200,"score":137,"percentile":201},"2025-11-25",0.5403,{"date":203,"score":137,"percentile":204},"2025-11-26",0.54033,{"date":206,"score":137,"percentile":207},"2025-11-27",0.54037,{"date":209,"score":137,"percentile":210},"2025-11-28",0.54012,{"date":212,"score":137,"percentile":213},"2025-11-29",0.53994,{"date":215,"score":137,"percentile":216},"2025-11-30",0.53987,{"date":218,"score":219,"percentile":220},"2025-12-01",0.00252,0.48443,{"date":222,"score":219,"percentile":223},"2025-12-02",0.4846,{"date":225,"score":219,"percentile":226},"2025-12-03",0.48454,{"date":228,"score":137,"percentile":229},"2025-12-04",0.53993,{"date":231,"score":137,"percentile":210},"2025-12-05",{"date":233,"score":137,"percentile":234},"2025-12-06",0.54011,{"date":236,"score":137,"percentile":237},"2025-12-07",0.54001,{"date":239,"score":137,"percentile":240},"2025-12-08",0.54003,{"date":242,"score":137,"percentile":141},"2025-12-09",{"date":244,"score":137,"percentile":245},"2025-12-10",0.54075,{"date":247,"score":137,"percentile":248},"2025-12-11",0.54098,{"date":250,"score":137,"percentile":251},"2025-12-12",0.54124,{"date":253,"score":137,"percentile":254},"2025-12-13",0.54121,{"date":256,"score":137,"percentile":257},"2025-12-14",0.54111,{"date":259,"score":137,"percentile":260},"2025-12-15",0.54102,{"date":262,"score":137,"percentile":263},"2025-12-16",0.54115,{"date":265,"score":137,"percentile":266},"2025-12-17",0.54133,{"date":268,"score":137,"percentile":269},"2025-12-18",0.5417,{"date":271,"score":137,"percentile":272},"2025-12-19",0.54172,{"date":274,"score":137,"percentile":275},"2025-12-20",0.54159,{"date":277,"score":137,"percentile":278},"2025-12-21",0.5414,{"date":280,"score":137,"percentile":281},"2025-12-22",0.54118,{"date":283,"score":137,"percentile":284},"2025-12-23",0.54119,{"date":286,"score":137,"percentile":287},"2025-12-24",0.54129,{"date":289,"score":137,"percentile":290},"2025-12-25",0.54178,{"date":292,"score":137,"percentile":293},"2025-12-26",0.54173,{"date":295,"score":296,"percentile":297},"2025-12-27",0.00461,0.63577,{"date":299,"score":137,"percentile":300},"2025-12-28",0.54151,{"date":302,"score":137,"percentile":303},"2025-12-29",0.54132,{"date":305,"score":137,"percentile":306},"2025-12-30",0.54125,{"date":308,"score":137,"percentile":309},"2025-12-31",0.54142,{"date":311,"score":219,"percentile":312},"2026-01-01",0.48568,{"date":314,"score":219,"percentile":315},"2026-01-02",0.48547,{"date":317,"score":219,"percentile":318},"2026-01-03",0.48536,{"date":320,"score":137,"percentile":321},"2026-01-04",0.54112,{"date":323,"score":137,"percentile":324},"2026-01-05",0.54099,{"date":326,"score":137,"percentile":327},"2026-01-06",0.54105,{"date":329,"score":137,"percentile":330},"2026-01-07",0.5413,{"date":332,"score":137,"percentile":333},"2026-01-08",0.54152,{"date":335,"score":137,"percentile":336},"2026-01-09",0.54144,{"date":338,"score":137,"percentile":309},"2026-01-10",{"date":340,"score":137,"percentile":341},"2026-01-11",0.54122,{"date":343,"score":137,"percentile":344},"2026-01-12",0.54076,{"date":346,"score":137,"percentile":347},"2026-01-13",0.54055,{"date":349,"score":137,"percentile":324},"2026-01-14",{"date":351,"score":137,"percentile":352},"2026-01-15",0.54101,{"date":354,"score":355,"percentile":356},"2026-01-16",0.00303,0.53143,{"date":358,"score":355,"percentile":359},"2026-01-17",0.53129,{"date":361,"score":355,"percentile":362},"2026-01-18",0.53117,{"date":364,"score":355,"percentile":365},"2026-01-19",0.5311,{"date":367,"score":355,"percentile":368},"2026-01-20",0.53109,{"date":370,"score":355,"percentile":371},"2026-01-21",0.53116,{"date":373,"score":355,"percentile":374},"2026-01-22",0.53123,{"date":376,"score":355,"percentile":377},"2026-01-23",0.53164,{"date":379,"score":355,"percentile":380},"2026-01-24",0.53169,{"date":382,"score":355,"percentile":383},"2026-01-25",0.53125,{"date":385,"score":355,"percentile":386},"2026-01-26",0.53108,{"date":388,"score":355,"percentile":389},"2026-01-27",0.53118,{"date":391,"score":355,"percentile":392},"2026-01-28",0.53134,{"date":394,"score":355,"percentile":395},"2026-01-29",0.53128,{"date":397,"score":355,"percentile":398},"2026-01-30",0.5313,{"date":400,"score":355,"percentile":401},"2026-01-31",0.53137,{"date":403,"score":404,"percentile":405},"2026-02-01",0.00243,0.47416,[407,412],{"source":83,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":408,"cvss_v4_0":9},{"baseScore":81,"baseSeverity":409,"vectorString":84,"impactScore":410,"exploitabilityScore":411},"MEDIUM",6,4.6,{"source":88,"cvss_v2_0":413,"cvss_v3_0":9,"cvss_v3_1":418,"cvss_v4_0":9},{"baseScore":414,"baseSeverity":9,"vectorString":415,"impactScore":416,"exploitabilityScore":417},5,"AV:N/AC:L/Au:N/C:N/I:P/A:N",2.9,10,{"baseScore":419,"baseSeverity":409,"vectorString":420,"impactScore":421,"exploitabilityScore":417},5.3,"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",2.3,[423,436,442,460,474],{"ecosystem":9,"name":424,"vendor":425,"product":426,"cpe_part":427,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":428},"debian linux","debian","debian_linux","o",[429,432,434],{"version":430,"is_range":27,"range_type":431,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0","cpe",{"version":433,"is_range":27,"range_type":431,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0",{"version":435,"is_range":27,"range_type":431,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0",{"ecosystem":9,"name":437,"vendor":438,"product":437,"cpe_part":427,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":439},"leap","opensuse",[440],{"version":441,"is_range":27,"range_type":431,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.1",{"ecosystem":9,"name":443,"vendor":9,"product":443,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":444},"PHP",[445,452,456],{"version":446,"is_range":447,"range_type":83,"version_start":448,"version_start_type":449,"version_end":450,"version_end_type":451,"fixed_in":9},">= 7.3.x, \u003C 7.3.15",true,"7.3.x","including","7.3.15","excluding",{"version":453,"is_range":447,"range_type":83,"version_start":454,"version_start_type":449,"version_end":455,"version_end_type":451,"fixed_in":9},">= 7.4.x, \u003C 7.4.3","7.4.x","7.4.3",{"version":457,"is_range":447,"range_type":83,"version_start":458,"version_start_type":449,"version_end":459,"version_end_type":451,"fixed_in":9},">= 7.2.x, \u003C 7.2.28","7.2.x","7.2.28",{"ecosystem":9,"name":443,"vendor":9,"product":443,"cpe_part":9,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":461},[462,466,470],{"version":463,"is_range":447,"range_type":431,"version_start":464,"version_start_type":449,"version_end":465,"version_end_type":449,"fixed_in":9},"gte7.2.0_lte7.2.27","7.2.0","7.2.27",{"version":467,"is_range":447,"range_type":431,"version_start":468,"version_start_type":449,"version_end":469,"version_end_type":449,"fixed_in":9},"gte7.3.0_lte7.3.14","7.3.0","7.3.14",{"version":471,"is_range":447,"range_type":431,"version_start":472,"version_start_type":449,"version_end":473,"version_end_type":449,"fixed_in":9},"gte7.4.0_lte7.4.2","7.4.0","7.4.2",{"ecosystem":9,"name":475,"vendor":476,"product":475,"cpe_part":477,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":478},"tenable.sc","tenable","a",[479],{"version":480,"is_range":447,"range_type":431,"version_start":9,"version_start_type":9,"version_end":481,"version_end_type":451,"fixed_in":9},"lt5.19.0","5.19.0"]