Impact
An possible object injection has been discovered in cookie driver prior 5.0.13 versions (of 5.x releases).
Patches
The issue has been addressed by enforcing JSON conversion when deserializing
Workarounds
If you can't fix it, use another driver such as "Files" (Filesystem)
References
Fixing release: https://github.com/PHPSocialNetwork/phpfastcache/releases/tag/5.0.13
For more information
If you have any questions or comments about this advisory:
Impact
An possible object injection has been discovered in cookie driver prior 5.0.13 versions (of 5.x releases).
Patches
The issue has been addressed by enforcing JSON conversion when deserializing
Workarounds
If you can't fix it, use another driver such as "Files" (Filesystem)
References
Fixing release: https://github.com/PHPSocialNetwork/phpfastcache/releases/tag/5.0.13
For more information
If you have any questions or comments about this advisory: