Day: 21 enero, 2021

Project: Drupal coreDate: 2021-January-20Security risk: Critical 18∕25 AC:Complex/A:User/CI:All/II:All/E:Exploit/TD:UncommonVulnerability: Third-party librariesDescription: The Drupal project uses the pear Archive_Tar library, which has released a security update that impacts Drupal. For more information please see:CVE-2020-36193Exploits may be possible if Drupal is configured to allow .tar, .tar.gz, .bz2, or .tlz file uploads and processes them.Solution: Install the latest version:If More info: https://www.drupal.org/sa-core-2021-001

Project: Drupal coreDate: 2021-January-20Security risk: Critical 18∕25 AC:Complex/A:User/CI:All/II:All/E:Exploit/TD:UncommonVulnerability: Third-party librariesDescription: The Drupal project uses the pear Archive_Tar library, which has released a security update that impacts Drupal. For more information please see:CVE-2020-36193Exploits may be possible if Drupal is configured to allow .tar, .tar.gz, .bz2, or .tlz file uploads and processes them.Solution: Install the latest version:If More info: https://www.drupal.org/sa-core-2021-001