[GHSA-4xh5-x5gv-qwph] pip's fallback tar extraction doesn't check symbolic links point to extraction directory#6358

advisory-database[bot] merged 1 commit intoichard26/advisory-improvement-6358github/advisory-database:ichard26/advisory-improvement-6358from

ichard26-GHSA-4xh5-x5gv-qwphgithub/advisory-database:ichard26-GHSA-4xh5-x5gv-qwphCopy head branch name to clipboard