vulnerabilities in composer dependencies

ugh, composer.

There are 4 composer security advisories affecting our repositories.

dompdf/dompdf (CVE-2022-0085)

Server-Side Request Forgery in dompdf/dompdf

Affected repositories (1)

• mediawiki/extensions/CIForms

dompdf/dompdf (CVE-2022-41343)

Remote file inclusion

Affected repositories (1)

• mediawiki/extensions/CIForms

dompdf/dompdf (CVE-2023-23924)

Dompdf vulnerable to URI validation failure on SVG parsing

Affected repositories (1)

• mediawiki/extensions/CIForms

firebase/php-jwt (CVE-2021-46743)

Key/algorithm type confusion

Affected repositories (4)

• 🗄mediawiki/extensions/CheckUser
• ❌🗄mediawiki/extensions/ContentTranslation
• 🗄mediawiki/extensions/OAuth
• 🗄🔮mediawiki/vendor

Source code is licensed under the AGPL.