Potential Information Disclosure and Insufficient Entropy vulnerabilities in Zend\Math\Rand and Zend\Validate\Csrf Components

PKSA-jgk2-8mxq-5256

Affected package: zendframework/zendframework

Affected version: >=2.0.0,<2.0.8|>=2.1.0,<2.1.4

Reported by:
FriendsOfPHP/security-advisories