CVE-2019-16774

Name of the Vulnerable Software and Affected Versions phpfastcache versions prior to 5.1.3

Description The issue is related to shortcomings in the deserialization mechanism of the PhpFastCache library. Exploitation of this issue may allow a remote attacker to access confidential data, compromise its integrity, and cause a denial of service. The vulnerability is associated with a possible object injection in the cookie driver.

Recommendations For versions prior to 5.1.3, consider using another driver, such as the "Files" (Filesystem) driver, as a temporary workaround until the issue is resolved. Update to version 5.1.3 or later, which enforces JSON conversion when deserializing to address the issue.