Potential Information Disclosure and Insufficient Entropy vulnerability in Zend\Captcha\Word

PKSA-kv74-yjnp-pcr9

Affected package: zendframework/zend-captcha

Affected version: >=2.0.0,<2.4.9|>=2.5.0,<2.5.2

Reported by:
FriendsOfPHP/security-advisories