update .trivyignore

anthony-nhs · anthony-nhs · commit a8d52c68389d · 2026-02-13T08:33:17.000Z
diff --git a/src/node_24_python_3_14/.trivyignore.yaml b/src/node_24_python_3_14/.trivyignore.yaml
@@ -19,3 +19,24 @@ vulnerabilities:
     purls:
       - "pkg:pypi/wheel@0.45.1"
     expired_at: 2026-08-12
+  - id: CVE-2025-64756
+    statement: "glob: glob: Command Injection Vulnerability via Malicious Filenames"
+    purls:
+      - "pkg:npm/glob@10.4.5"
+      - "pkg:npm/glob@11.0.3"
+    expired_at: 2026-08-13
+  - id: CVE-2026-23745
+    statement: "node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives"
+    purls:
+      - "pkg:npm/tar@7.5.1"
+    expired_at: 2026-08-13
+  - id: CVE-2026-23950
+    statement: "node-tar: tar: node-tar: Arbitrary file overwrite via Unicode path collision race condition"
+    purls:
+      - "pkg:npm/tar@7.5.1"
+    expired_at: 2026-08-13
+  - id: CVE-2026-24842
+    statement: "node-tar: tar: node-tar: Arbitrary file creation via path traversal bypass in hardlink security check"
+    purls:
+      - "pkg:npm/tar@7.5.1"
+    expired_at: 2026-08-13
