Security Advisories

View the status of known vulnerabilities in a Chainguard Container along with daily updates on security patches. Learn more.

CGA ID	CVE ID	Severity	Affected package	Status
CGA-hxvc-4v2q-9mwr	CVE-2026-39827	Unknown	rke2-runtime-1.31	Fix not planned
CGA-x4rg-r3v5-mv8r	CVE-2025-47913	High	rke2-runtime-1.31	Fix not planned
CGA-fg8w-3q6g-g28g	CVE-2022-42004	High	scala-3.8	Under investigation
CGA-963m-qpc3-24p7	CVE-2022-42003	High	scala-3.8	Under investigation
CGA-3grx-4vj8-24f9	CVE-2020-36518	High	scala-3.8	Under investigation
CGA-2x5p-g524-f647	CVE-2021-46877	High	scala-3.8	Under investigation
CGA-jqp6-3g25-h8f9	CVE-2025-49128	Medium	scala-3.8	Under investigation
CGA-6w35-m99g-9gvx	CVE-2025-52999	Unknown	scala-3.8	Under investigation
CGA-cvwg-w8p9-7q7c	CVE-2022-42004	High	scala-3.8	Under investigation
CGA-mj76-c97m-xrrg	CVE-2022-42003	High	scala-3.8	Under investigation
CGA-4vq5-h2h6-fcp4	CVE-2020-36518	High	scala-3.8	Under investigation
CGA-jm74-mcj2-2g3w	CVE-2021-46877	High	scala-3.8	Under investigation
CGA-mfcm-mwcc-xq88	CVE-2025-49128	Medium	scala-3.8	Under investigation
CGA-8j98-4jjm-mh35	CVE-2025-52999	Unknown	scala-3.8	Under investigation
CGA-vqhr-p693-5ffq	CVE-2025-31486	Medium	langfuse-fips-2-worker	Fixed
CGA-xcwg-2742-7c95	CVE-2025-30208	Medium	langfuse-fips-2-worker	Fixed

811,395 advisories

The trusted source for open source

Talk to an expert

Privacy

Terms

© 2026 Chainguard, Inc. All Rights Reserved.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.

Security Advisories

The trusted source for open source

Product

Solutions

Customers

Resources

Company