CGA-vv9f-qq54-p2xp

Source
https://images.chainguard.dev/security/CGA-vv9f-qq54-p2xp
Import Source
https://advisories.cgr.dev/chainguard/v3/osv/CGA-vv9f-qq54-p2xp.json
JSON Data
https://api.test.osv.dev/v1/vulns/CGA-vv9f-qq54-p2xp
Upstream
  • GHSA-xvqr-69v8-f3gv
Published
2026-02-01T00:31:10Z
Modified
2026-07-17T19:23:46.356170339Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details
References

Affected packages

Chainguard / tekton-pipelines-entrypoint-1.4

Package

Name
tekton-pipelines-entrypoint-1.4
Purl
pkg:apk/chainguard/tekton-pipelines-entrypoint-1.4?arch=aarch64

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.4.0-r4

Ecosystem specific

{
    "components": [
        {
            "architecture": "aarch64",
            "latest_event_timestamp": "2026-02-09T14:51:03Z",
            "component_version": "go1.25.5",
            "component_name": "stdlib",
            "component_type": "go-module",
            "component_location": "/usr/bin/entrypoint",
            "component_purl": "pkg:golang/stdlib@go1.25.5",
            "latest_event_status": "fixed"
        }
    ]
}

Database specific

source
"https://advisories.cgr.dev/chainguard/v3/osv/CGA-vv9f-qq54-p2xp.json"

Wolfi / tekton-pipelines-entrypoint-1.4

Package

Name
tekton-pipelines-entrypoint-1.4
Purl
pkg:apk/wolfi/tekton-pipelines-entrypoint-1.4?arch=aarch64

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.4.0-r4

Ecosystem specific

{
    "components": [
        {
            "architecture": "aarch64",
            "latest_event_timestamp": "2026-02-09T14:51:03Z",
            "component_version": "go1.25.5",
            "component_name": "stdlib",
            "component_type": "go-module",
            "component_location": "/usr/bin/entrypoint",
            "latest_event_status": "fixed",
            "component_purl": "pkg:golang/stdlib@go1.25.5"
        }
    ]
}

Database specific

source
"https://advisories.cgr.dev/chainguard/v3/osv/CGA-vv9f-qq54-p2xp.json"