ugh, composer.
There are 2 composer security advisories affecting our repositories.
Deserialization Gadget chain in Swift Mailer
PhpSpreadsheet vulnerable to SSRF when reading and displaying a processed HTML document in the browser