[CRITICAL] Potential SQL injection vector using null byte for PDO (MsSql, SQLite)

PKSA-d2kh-9h2x-yxmw GHSA-2x36-qhx3-7m5f

Affected package: zendframework/zendframework1

Affected version: >=1.12.0,<1.12.16

Reported by:
GitHub, FriendsOfPHP/security-advisories