[MEDIUM] XXE/XEE vector when using ZendXml on multibyte payloads

PKSA-wj3f-s5xk-69k6 CVE-2015-5161 GHSA-xp8p-9rq5-4wgv

Affected package: zendframework/zendxml

Affected version: >=1.0.0,<1.0.1

Reported by:
GitHub, FriendsOfPHP/security-advisories