Design/Logic Flaw

2020-03-3020:15:00

PRIOn knowledge base

www.prio-n.com

4.4 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

54.9%

JSON

In Symfony before versions 4.4.7 and 5.0.7, when a Response does not contain a Content-Type header, affected versions of Symfony can fallback to the format defined in the Accept header of the request, leading to a possible mismatch between the response's content and Content-Type header. When the response is cached, this can prevent the use of the website by other users. This has been patched in versions 4.4.7 and 5.0.7.

CPENameOperatorVersion
symfonyge5.0.0
symfonylt5.0.7
symfonyge4.4.0
symfonylt4.4.7

Name	Operator	Version
symfony	ge	5.0.0
symfony	lt	5.0.7
symfony	ge	4.4.0
symfony	lt	4.4.7

References

github.com/symfony/symfony/commit/dca343442e6a954f96a2609e7b4e9c21ed6d74e6

github.com/symfony/symfony/security/advisories/GHSA-mcx4-f5f5-4859

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C36JLPHUPKDFAX6D5WYFC4ALO2K7RDUQ/

symfony.com/blog/cve-2020-5255-prevent-cache-poisoning-via-a-response-content-type-header