Candidate: CVE-2020-5255
PublicDate: 2020-03-30 20:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5255
 https://symfony.com/blog/cve-2020-5255-prevent-cache-poisoning-via-a-response-content-type-header
 https://github.com/symfony/symfony/commit/dca343442e6a954f96a2609e7b4e9c21ed6d74e6
 https://github.com/symfony/symfony/security/advisories/GHSA-mcx4-f5f5-4859
Description:
 In Symfony before versions 4.4.7 and 5.0.7, when a `Response` does not
 contain a `Content-Type` header, affected versions of Symfony can fallback
 to the format defined in the `Accept` header of the request, leading to a
 possible mismatch between the response's content and `Content-Type`
 header. When the response is cached, this can prevent the use of the
 website by other users. This has been patched in versions 4.4.7 and 5.0.7.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L [4.3 MEDIUM]


Patches_symfony:
 upstream: https://github.com/symfony/symfony/commit/dca343442e6a954f96a2609e7b4e9c21ed6d74e6
upstream_symfony: released (4.4.7 and 5.0.7)
precise/esm_symfony: DNE
trusty_symfony: ignored (out of standard support)
trusty/esm_symfony: DNE
xenial_symfony: ignored (end of standard support, was needs-triage)
bionic_symfony: not-affected (code not present)
eoan_symfony: ignored (reached end-of-life)
focal_symfony: not-affected (code not present)
groovy_symfony: not-affected (4.4.8-1)
hirsute_symfony: not-affected (4.4.8-1)
impish_symfony: not-affected (4.4.8-1)
jammy_symfony: not-affected (4.4.8-1)
devel_symfony: not-affected (4.4.8-1)