| Max CVSS | 5.5 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-5255 | 4.0 |
In Symfony before versions 4.4.7 and 5.0.7, when a `Response` does not contain a `Content-Type` header, affected versions of Symfony can fallback to the format defined in the `Accept` header of the request, leading to a possible mismatch between the
|
09-04-2020 - 17:15 | 30-03-2020 - 20:15 | |
| CVE-2020-5275 | 5.5 |
In symfony/security-http before versions 4.4.7 and 5.0.7, when a `Firewall` checks access control rule, it iterate overs each rule's attributes and stops as soon as the accessDecisionManager decides to grant access on the attribute, preventing the ch
|
09-04-2020 - 17:15 | 30-03-2020 - 20:15 |