ugh, composer.
There are 4 composer security advisories affecting our repositories.
Deserialization Gadget chain in Swift Mailer
Unguarded calls to __toString() when nesting an object into an array
Unguarded calls to __isset() and to array-accesses when the sandbox is enabled
PhpSpreadsheet vulnerable to SSRF when reading and displaying a processed HTML document in the browser