DRUPAL-CORE-2021-004
The Drupal project uses the pear Archive\Tar library, which has released a security update that impacts Drupal. The vulnerability is mitigated by the fact that Drupal core's use of the Archive\Tar library is not vulnerable, as it does not permit symlinks. Exploitation may be possible if contrib o...