vulnerabilities in composer dependencies

ugh, composer.

There are 7 composer security advisories affecting our repositories.

twig/twig (CVE-2022-39261)

Possibility to load a template outside a configured directory when using the filesystem loader
Affected repositories (1)

twig/twig (CVE-2024-45411)

Possible sandbox bypass
Affected repositories (1)

twig/twig (CVE-2024-51754)

Unguarded calls to __toString() when nesting an object into an array
Affected repositories (1)

twig/twig (CVE-2024-51755)

Unguarded calls to __isset() and to array-accesses when the sandbox is enabled
Affected repositories (1)

firebase/php-jwt (CVE-2021-46743)

Key/algorithm type confusion
Affected repositories (3)

swiftmailer/swiftmailer (CVE-2024-28859)

Deserialization Gadget chain in Swift Mailer
Affected repositories (1)

symfony/http-foundation (CVE-2024-50345)

CVE-2024-50345: Open redirect via browser-sanitized URLs
Affected repositories (1)
Source code is licensed under the AGPL.