# Composer audit - mgmt

**Fecha:** 2026-06-04 15:43:14

**Proyecto:** `/Users/oq/Developer/multi-php-docker/php-prod/sasis`

**Target autorizado:** `http://localhost:8888/sasis/mgmt`

**Target desde Docker:** `http://host.docker.internal:8888/sasis/mgmt`

**Descripción:** Revisión de vulnerabilidades Composer para mgmt.

## Comando

```bash
docker run --rm -v /Users/oq/Developer/multi-php-docker/php-prod/sasis/mgmt:/app:ro -w /app composer:2 audit --format=plain 
```

## Salida

**Estado:** `1`

```text
Found 1 ignored security vulnerability advisory affecting 1 package:
Package: firebase/php-jwt
Severity: low
Advisory ID: PKSA-y2cr-5h3j-g3ys
CVE: CVE-2025-45769
Title: php-jwt contains weak encryption
URL: https://github.com/advisories/GHSA-2x45-7fc3-mxwq
Affected versions: <7.0.0
Reported at: 2025-07-31T21:31:53+00:00
Ignore reason: None specified
Found 5 abandoned packages:
doctrine/cache is abandoned. No replacement was suggested.
web-token/jwt-key-mgmt is abandoned. Use web-token/jwt-library instead.
web-token/jwt-signature is abandoned. Use web-token/jwt-library instead.
web-token/jwt-signature-algorithm-ecdsa is abandoned. Use web-token/jwt-library instead.
web-token/jwt-util-ecc is abandoned. Use web-token/jwt-library instead.
```
