{"id":"CGA-q5cx-q6pq-q5wf","modified":"2026-01-28T03:31:02.883106Z","published":"2025-02-26T14:07:23.681652Z","withdrawn":"2026-01-28T03:31:02.883106Z","related":["CGA-q5cx-q6pq-q5wf","CVE-2025-27144","GHSA-c6gw-w398-hv78"],"affected":[{"package":{"name":"zarf","ecosystem":"Chainguard","purl":"pkg:apk/chainguard/zarf"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.49.0-r2"}]}],"database_specific":{"source":"https://packages.cgr.dev/chainguard/osv/CGA-q5cx-q6pq-q5wf.json"}},{"package":{"name":"zarf","ecosystem":"Wolfi","purl":"pkg:apk/wolfi/zarf"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.49.0-r2"}]}],"database_specific":{"source":"https://packages.cgr.dev/chainguard/osv/CGA-q5cx-q6pq-q5wf.json"}}],"schema_version":"1.7.3"}