CGA-2j4w-799m-xcjp

Source
https://images.chainguard.dev/security/CGA-2j4w-799m-xcjp
Import Source
https://advisories.cgr.dev/chainguard/v3/osv/CGA-2j4w-799m-xcjp.json
JSON Data
https://api.test.osv.dev/v1/vulns/CGA-2j4w-799m-xcjp
Upstream
Published
2026-01-22T11:18:01Z
Modified
2026-07-17T18:29:48.056087625Z
Severity
  • 6.9 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:H/SI:H/SA:H/E:P CVSS Calculator
Summary
[none]
Details
References

Affected packages

Chainguard / pelias-api

Package

Name
pelias-api
Purl
pkg:apk/chainguard/pelias-api?arch=x86_64

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.6.0-r1

Ecosystem specific

{
    "components": [
        {
            "component_name": "lodash",
            "component_location": "/code/pelias/api/node_modules/lodash/package.json",
            "latest_event_timestamp": "2026-02-09T11:03:03Z",
            "component_version": "4.17.21",
            "component_type": "npm",
            "component_purl": "pkg:npm/lodash@4.17.21",
            "latest_event_status": "fixed",
            "architecture": "x86_64"
        }
    ]
}

Database specific

source
"https://advisories.cgr.dev/chainguard/v3/osv/CGA-2j4w-799m-xcjp.json"