vulnerabilities in composer dependencies

ugh, composer.

There are 2 composer security advisories affecting our repositories.

swiftmailer/swiftmailer (CVE-2024-28859)

Deserialization Gadget chain in Swift Mailer
Affected repositories (1)

phpoffice/phpspreadsheet (CVE-2025-54370)

PhpSpreadsheet vulnerable to SSRF when reading and displaying a processed HTML document in the browser
Affected repositories (1)
Source code is licensed under the AGPL.