| ID | CVE-2020-5255 | ||||||
| Sažetak | In Symfony before versions 4.4.7 and 5.0.7, when a `Response` does not contain a `Content-Type` header, affected versions of Symfony can fallback to the format defined in the `Accept` header of the request, leading to a possible mismatch between the response's content and `Content-Type` header. When the response is cached, this can prevent the use of the website by other users. This has been patched in versions 4.4.7 and 5.0.7. | ||||||
| Reference |
|
||||||
| CVSS |
|
||||||
| Pristup |
|
||||||
| Impact |
|
||||||
| CVSS vektor | AV:N/AC:L/Au:S/C:N/I:N/A:P | ||||||
| Zadnje važnije ažuriranje | 07-11-2023 - 03:23 | ||||||
| Objavljeno | 30-03-2020 - 20:15 |

