CGA-wf53-8p47-vmpr

Source
https://images.chainguard.dev/security/CGA-wf53-8p47-vmpr
Import Source
https://advisories.cgr.dev/chainguard/v3/osv/CGA-wf53-8p47-vmpr.json
JSON Data
https://api.test.osv.dev/v1/vulns/CGA-wf53-8p47-vmpr
Upstream
Published
2026-03-19T13:36:20Z
Modified
2026-07-17T19:24:47.186037742Z
Severity
  • 9.6 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N CVSS Calculator
Summary
[none]
Details
References

Affected packages

Chainguard / tekton-pipelines-nop-fips-1.4

Package

Name
tekton-pipelines-nop-fips-1.4
Purl
pkg:apk/chainguard/tekton-pipelines-nop-fips-1.4?arch=x86_64

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Ecosystem specific

{
    "components": [
        {
            "component_name": "github.com/tektoncd/pipeline",
            "component_version": "v1.4.0+dirty",
            "latest_event_timestamp": "2026-03-25T15:52:36Z",
            "architecture": "x86_64",
            "component_type": "go-module",
            "latest_event_status": "fix_not_planned",
            "component_purl": "pkg:golang/github.com/tektoncd/pipeline@v1.4.0%2Bdirty",
            "component_location": "/usr/bin/nop"
        }
    ]
}

Database specific

source
"https://advisories.cgr.dev/chainguard/v3/osv/CGA-wf53-8p47-vmpr.json"