libgcrypt < 1.9.4-r0 has medium security vulnerability CVE-2021-40528 (found via Twistlock with Alpine v3.12)
This vulnerability was flagged on Alpine v3.12. It affects Alpine v3.13 and earlier which use libgcrypt 1.8.8-r0 (only the v3.14 and edge branches appear to have the fixed libgcrypt 1.9.4-r0 at this time).
Vulnerability details are available at https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40528