admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3495 from cristina479/master

Browse Source 
Merge conflict fix for CVE-2020-5255
This commit is contained in:
Cristina Padro 2020-03-30 17:20:03 -04:00 committed by GitHub
commit ec68d93fd8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
2020/5xxx/CVE-2020-5255.json
View File

@ -16,7 +16,10 @@
"version": {
"version_data": [
{
"version_value": "< 4.4"
"version_value": ">= 4.4.0, < 4.4.7"
},
{
"version_value": ">= 5.0.0, < 5.0.7"
}
]
}
@ -35,7 +38,7 @@
"description_data": [
{
"lang": "eng",
"value": "In Symfony before version 4.4, when a `Response` does not contain a `Content-Type` header, affected versions of Symfony can fallback to the format defined in the `Accept` header of the request, leading to a possible mismatch between the response&#39;s content and `Content-Type` header. When the response is cached, this can prevent the use of the website by other users. This has been patched in version 4.4."
"value": "In Symfony before versions 4.4.7 and 5.0.7, when a `Response` does not contain a `Content-Type` header,\naffected versions of Symfony can fallback to the format defined in the `Accept` header of the request,\nleading to a possible mismatch between the response&#39;s content and `Content-Type` header.\nWhen the response is cached, this can prevent the use of the website by other users.\n\nThis has been patched in versions 4.4.7 and 5.0.7."
}
]
},
@ -85,4 +88,4 @@
"advisory": "GHSA-mcx4-f5f5-4859",
"discovery": "UNKNOWN"
}
}
}