Search by 
nzo/url-encryptor-bundle Security Advisories for 4.2.0 (1)
-
[HIGH] Insecure default secret key and IV allowing anyone to decrypt values
PKSA-ngdb-bty3-d9ns GHSA-r2r8-36pq-27cm
Affected version: >=5.0.0,<5.0.1|>=4.0.0,<4.3.2
Reported by:
GitHub, FriendsOfPHP/security-advisories