CGA-27h3-hwpj-8vr3

Source
https://images.chainguard.dev/security/CGA-27h3-hwpj-8vr3
Import Source
https://advisories.cgr.dev/chainguard/v3/osv/CGA-27h3-hwpj-8vr3.json
JSON Data
https://api.test.osv.dev/v1/vulns/CGA-27h3-hwpj-8vr3
Upstream
Published
2026-02-05T16:30:29Z
Modified
2026-07-17T18:28:13.625540651Z
Severity
  • 6.9 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:H/SI:H/SA:H/E:P CVSS Calculator
Summary
[none]
Details
References

Affected packages

Chainguard / librechat

Package

Name
librechat
Purl
pkg:apk/chainguard/librechat?arch=aarch64

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.8.2-r2

Ecosystem specific

{
    "components": [
        {
            "component_name": "lodash-es",
            "component_location": "/app/node_modules/lodash-es/package.json",
            "latest_event_timestamp": "2026-02-14T00:36:29Z",
            "component_version": "4.17.22",
            "component_type": "npm",
            "component_purl": "pkg:npm/lodash-es@4.17.22",
            "latest_event_status": "fixed",
            "architecture": "aarch64"
        }
    ]
}

Database specific

source
"https://advisories.cgr.dev/chainguard/v3/osv/CGA-27h3-hwpj-8vr3.json"