{"id":"ROOT-APP-NPM-CVE-2026-31802","summary":"CVE-2026-31802 in @rootio/tar - Patched by Root","details":"Root has patched CVE-2026-31802 in the @rootio/tar package for Root:npm. Multiple fixed versions available.","modified":"2026-03-29T20:27:08.674963Z","published":"2026-03-29T17:56:31Z","upstream":["CVE-2026-31802"],"database_specific":{"source":"Root","distro_version":"","distro":"npm"},"affected":[{"package":{"name":"@rootio/tar","ecosystem":"Root:npm"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.2.1-root.io.7"},{"fixed":"7.5.7-root.io.2"},{"fixed":"7.4.3-root.io.6"},{"fixed":"7.5.1-root.io.7"},{"fixed":"6.2.0-root.io.8"},{"fixed":"7.4.3-root.io.7"},{"fixed":"7.5.1-root.io.8"},{"fixed":"6.2.0-root.io.9"}]}],"database_specific":{"upstream_version":"6.2.0-root.io.9","total_fixed_versions":8,"source":"https://api.root.io/external/osv/ROOT-APP-NPM-CVE-2026-31802.json","all_fixed_versions":["6.2.1-root.io.7","7.5.7-root.io.2","7.4.3-root.io.6","7.5.1-root.io.7","6.2.0-root.io.8","7.4.3-root.io.7","7.5.1-root.io.8","6.2.0-root.io.9"],"root_patched":true,"root_patch_version":""}}],"schema_version":"1.7.5"}