CGA-cgj2-vrph-q696

Source
https://images.chainguard.dev/security/CGA-cgj2-vrph-q696
Import Source
https://advisories.cgr.dev/chainguard/v3/osv/CGA-cgj2-vrph-q696.json
JSON Data
https://api.test.osv.dev/v1/vulns/CGA-cgj2-vrph-q696
Upstream
Published
2025-11-06T01:52:05Z
Modified
2026-07-17T18:51:47.045926101Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details
References

Affected packages

Chainguard / hadoop-fips-3.3.6

Package

Name
hadoop-fips-3.3.6
Purl
pkg:apk/chainguard/hadoop-fips-3.3.6?arch=x86_64

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Ecosystem specific

{
    "components": [
        {
            "component_purl": "pkg:maven/commons-compress@1.5",
            "component_type": "java-archive",
            "latest_event_timestamp": "2026-01-16T16:27:43Z",
            "architecture": "x86_64",
            "latest_event_status": "fix_not_planned",
            "component_version": "1.5",
            "component_name": "commons-compress",
            "component_location": "/usr/share/m2/repository/org/apache/commons/commons-compress/1.5/commons-compress-1.5.jar"
        }
    ]
}

Database specific

source
"https://advisories.cgr.dev/chainguard/v3/osv/CGA-cgj2-vrph-q696.json"