Skip to content

Commit 37d76eb

Browse files
mantheymanthey
committed
Another trivy ignore update
The npm CVEs continue, but are still unreachable except for someone who already has full access to everything.
1 parent d9b6666 commit 37d76eb

File tree

1 file changed

+2
-0
lines changed

1 file changed

+2
-0
lines changed

.trivyignore

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,8 @@ CVE-2025-52999
1818
CVE-2026-23745
1919
# HIGH: node-pkg - node-tar: tar: node-tar: Arbitrary file overwrite via Unicod
2020
CVE-2026-23950
21+
# HIGH: node-pkg - node-tar: tar: node-tar: Arbitrary file creation via path tr
22+
CVE-2026-24842
2123
# HIGH: python-pkg - jaraco.context: jaraco.context: Path traversal via malicious
2224
CVE-2026-23949
2325
# HIGH: python-pkg - wheel: wheel: Privilege Escalation or Arbitrary Code Executi

0 commit comments

Comments
 (0)