CVE-2023-43655
Composer is a dependency manager for PHP. Users publishing a composer.phar to a public web-accessible server where the composer.phar can be executed as a php file may be subject to a remote code execution vulnerability if PHP also has register_argc_argv enabled in php.ini. Versions 2.6.4, 2.2.22 an...