CGA-3448-g7r4-c235

Source
https://images.chainguard.dev/security/CGA-3448-g7r4-c235
Import Source
https://advisories.cgr.dev/chainguard/v3/osv/CGA-3448-g7r4-c235.json
JSON Data
https://api.test.osv.dev/v1/vulns/CGA-3448-g7r4-c235
Upstream
Published
2026-01-22T11:17:14Z
Modified
2026-07-17T18:32:04.064526279Z
Severity
  • 6.9 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:H/SI:H/SA:H/E:P CVSS Calculator
Summary
[none]
Details
References

Affected packages

Chainguard / opensearch-dashboards-2-fips-ml-commons-dashboards

Package

Name
opensearch-dashboards-2-fips-ml-commons-dashboards
Purl
pkg:apk/chainguard/opensearch-dashboards-2-fips-ml-commons-dashboards?arch=aarch64

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.19.4-r6

Ecosystem specific

{
    "components": [
        {
            "component_name": "lodash",
            "component_location": "/usr/share/opensearch-dashboards/plugins/mlCommonsDashboards/node_modules/lodash/package.json",
            "latest_event_timestamp": "2026-01-23T14:55:36Z",
            "component_version": "4.17.21",
            "component_type": "npm",
            "component_purl": "pkg:npm/lodash@4.17.21",
            "latest_event_status": "fixed",
            "architecture": "aarch64"
        }
    ]
}

Database specific

source
"https://advisories.cgr.dev/chainguard/v3/osv/CGA-3448-g7r4-c235.json"