4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
0.002 Low
EPSS
Percentile
54.9%
When a Response
does not contain a Content-Type
header, Symfony falls back to the format defined in the Accept
header of the request, leading to a possible mismatch between the response’s content and Content-Type
header. When the response is cached, this can lead to a corrupted cache where the cached format is not the right one.
Symfony does not use the Accept
header anymore to guess the Content-Type
.
The patch for this issue is available here for the 4.4 branch.
I would like to thank Xavier Lacot from JoliCode for reporting & Yonel Ceruto and Tobias Schultze for fixing the issue.
CPE | Name | Operator | Version |
---|---|---|---|
symfony/symfony | lt | 5.0.7 | |
symfony/symfony | lt | 4.4.7 | |
symfony/http-foundation | lt | 5.0.7 | |
symfony/http-foundation | lt | 4.4.7 |
github.com/advisories/GHSA-mcx4-f5f5-4859
github.com/FriendsOfPHP/security-advisories/blob/master/symfony/http-foundation/CVE-2020-5255.yaml
github.com/FriendsOfPHP/security-advisories/blob/master/symfony/symfony/CVE-2020-5255.yaml
github.com/symfony/symfony/commit/dca343442e6a954f96a2609e7b4e9c21ed6d74e6
github.com/symfony/symfony/security/advisories/GHSA-mcx4-f5f5-4859
lists.fedoraproject.org/archives/list/[email protected]/message/C36JLPHUPKDFAX6D5WYFC4ALO2K7RDUQ/
nvd.nist.gov/vuln/detail/CVE-2020-5255
symfony.com/blog/cve-2020-5255-prevent-cache-poisoning-via-a-response-content-type-header
symfony.com/cve-2020-5255
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
0.002 Low
EPSS
Percentile
54.9%