new vuln

anthony-nhs · anthony-nhs · commit 8d1a69610eb6 · 2026-03-09T16:40:14.000Z
diff --git a/src/common_node_24/.trivyignore.yaml b/src/common_node_24/.trivyignore.yaml
@@ -53,3 +53,8 @@ vulnerabilities:
       - "pkg:npm/minimatch@10.0.3"
       - "pkg:npm/minimatch@9.0.5"
     expired_at: 2026-08-27
+  - id: CVE-2026-29786
+    statement: "node-tar is a full-featured Tar for Node.js. Prior to version 7.5.10,  ..."
+    purls:
+      - "pkg:npm/tar@7.5.1"
+    expired_at: 2026-09-09
