[java-sig-commits] [Bug 1981903] CVE-2021-35517 apache-commons-compress: excessive memory allocation when reading a specially crafted TAR archive