Potential XXE/XEE attacks using PHP functions: simplexml_load_*, DOMDocument::loadXML, and xml_parse

PKSA-6vg5-w5m6-1bx1

Affected package: zendframework/zendframework1

Affected version: >=1.12.0,<1.12.4

Reported by:
FriendsOfPHP/security-advisories