laminas/laminas-captcha 2.1.6 Based on https://github.com/zendframework/zend-captcha/releases/tag/release-2.1.6 (commit a7e25ed67d9a72677e27988a118e4616feb41ac6 in this repo) ==================== - **ZF2014-01:** Potential XXE/XEE attacks using PHP functions: `simplexml_load_*`, `DOMDocument::loadXML`, and `xml_parse`. A new component, `laminas-xml`, was introduced to mitigate XML eXternal Entity and XML Entity Expansion vectors that are present in older versions of libxml2 and/or PHP. `Laminas\Json\Json::fromXml()` and `Laminas\XmlRpc`'s `Response` and `Fault` classes were potentially vulnerable to these attacks. If you use either of these components, we recommend upgrading immediately.