| Name | CVE-2019-16774 |
| Description | In phpfastcache before 5.1.3, there is a possible object injection vulnerability in cookie driver. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| kopano-webapp-plugin-files | source | (unstable) | 2.1.5+dfsg1-2 | unimportant |
https://github.com/PHPSocialNetwork/phpfastcache/security/advisories/GHSA-484f-743f-6jx2
https://github.com/PHPSocialNetwork/phpfastcache/commit/c4527205cb7a402b595790c74310791f5b04a1a4 (5.0.13)
https://github.com/PHPSocialNetwork/phpfastcache/commit/82a84adff6e8fc9b564c616d0fdc9238ae2e86c3 (4.3.18)
Affected phpfastcache code is not used in kopano-webapp-plugin-files.