vulnerabilities in composer dependencies

ugh, composer.

There are 4 composer security advisories affecting our repositories.

swiftmailer/swiftmailer (CVE-2024-28859)

Deserialization Gadget chain in Swift Mailer
Affected repositories (1)

twig/twig (CVE-2024-51754)

Unguarded calls to __toString() when nesting an object into an array
Affected repositories (1)

twig/twig (CVE-2024-51755)

Unguarded calls to __isset() and to array-accesses when the sandbox is enabled
Affected repositories (1)

phpoffice/phpspreadsheet (CVE-2025-54370)

PhpSpreadsheet vulnerable to SSRF when reading and displaying a processed HTML document in the browser
Affected repositories (1)
Source code is licensed under the AGPL.