Windows users running Composer to install untrusted dependencies are affected and should definitely upgrade for safety. Other OSs and WSL are not affected.
1.10.23 and 2.1.9 fix the issue
None
Impact
Windows users running Composer to install untrusted dependencies are affected and should definitely upgrade for safety. Other OSs and WSL are not affected.
Patches
1.10.23 and 2.1.9 fix the issue
Workarounds
None