CGA-2c2m-5c7c-2946

Source
https://images.chainguard.dev/security/CGA-2c2m-5c7c-2946
Import Source
https://advisories.cgr.dev/chainguard/v3/osv/CGA-2c2m-5c7c-2946.json
JSON Data
https://api.test.osv.dev/v1/vulns/CGA-2c2m-5c7c-2946
Upstream
Published
2026-04-17T12:55:20Z
Modified
2026-07-17T18:28:47.048169806Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details
References

Affected packages

Chainguard / argo-workflows-3.7

Package

Name
argo-workflows-3.7
Purl
pkg:apk/chainguard/argo-workflows-3.7?arch=aarch64

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0

Ecosystem specific

{
    "components": [
        {
            "component_name": "github.com/jackc/pgx/v5",
            "component_version": "v5.7.5",
            "latest_event_timestamp": "2026-04-17T12:55:24Z",
            "architecture": "aarch64",
            "component_type": "go-module",
            "latest_event_status": "false_positive_determination",
            "component_purl": "pkg:golang/github.com/jackc/pgx/v5@v5.7.5",
            "component_location": "/usr/bin/argo"
        }
    ]
}

Database specific

source
"https://advisories.cgr.dev/chainguard/v3/osv/CGA-2c2m-5c7c-2946.json"

Wolfi / argo-workflows-3.7

Package

Name
argo-workflows-3.7
Purl
pkg:apk/wolfi/argo-workflows-3.7?arch=aarch64

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0

Ecosystem specific

{
    "components": [
        {
            "component_name": "github.com/jackc/pgx/v5",
            "component_version": "v5.7.5",
            "latest_event_timestamp": "2026-04-17T12:55:24Z",
            "architecture": "aarch64",
            "component_type": "go-module",
            "component_purl": "pkg:golang/github.com/jackc/pgx/v5@v5.7.5",
            "latest_event_status": "false_positive_determination",
            "component_location": "/usr/bin/argo"
        }
    ]
}

Database specific

source
"https://advisories.cgr.dev/chainguard/v3/osv/CGA-2c2m-5c7c-2946.json"