ugh, composer.
There are 5 composer security advisories affecting our repositories.
Sandbox Information Disclosure
Possibility to load a template outside a configured directory when using the filesystem loader
Improper Certificate Validation in phpseclib
RCE affecting Windows hosts via UNC paths to translation files
Untrusted code may be run from an overridden address validator