PT-2024-4386 · Composer +5 · Composer +5
Name of the Vulnerable Software and Affected Versions: Composer versions prior to 2.2.24 and 2.7.7 Description: The issue is related to the incorrect neutralization of special elements in the getUnpushedChanges function of the Composer dependency manager for PHP. This can allow a remote attacker ...