[HIGH] Composer has a command injection via malicious git branch name

PKSA-s25b-vbmp-jvhh CVE-2024-35241 GHSA-47f6-5gq3-vx9c

Affected package: composer/composer

Affected version: >=2.3,<2.7.7|>=2.0,<2.2.24

Reported by:
GitHub