since this morning it is no lpossible to create a project due this
$ composer audit
Found 1 ignored security vulnerability advisory affecting 1 package:
+-------------------+----------------------------------------------------------------------------------+
| Package | tinymce/tinymce |
| Severity | medium |
| Advisory ID | PKSA-hdg2-6rxt-d4qn |
| CVE | CVE-2024-29881 |
| Title | TinyMCE Cross-Site Scripting (XSS) vulnerability in handling external SVG files |
| | through Object or Embed elements |
| URL | https://github.com/advisories/GHSA-5359-pvf2-pw78 |
| Affected versions | <7.0.0 |
| Reported at | 2024-03-26T21:23:45+00:00 |
| Ignore reason | None specified |
+-------------------+----------------------------------------------------------------------------------+
$ composer update -n --no-audit --ansi
Loading composer repositories with package information
Updating dependencies
Your requirements could not be resolved to an installable set of packages.
Problem 1
* Root composer.json requires tinymce/tinymce ^6.8.4, found tinymce/tinymce\[6.8.4, 6.8.5, 6.8.6\] but these were not loaded, because they are affected by security advisories. To ignore the advisories, add ("PKSA-hdg2-6rxt-d4qn") to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.
temporary workaround inside project directory
composer config audit.ignore PKSA-hdg2-6rxt-d4qn