Potential XXE/XEE attacks using PHP functions: simplexml_load_*, DOMDocument::loadXML, and xml_parse

PKSA-v96d-g8zn-4b1w

Affected package: zendframework/zendframework

Affected version: >=2.1.0,<2.1.6|>=2.2.0,<2.2.6

Reported by:
FriendsOfPHP/security-advisories