Description
A denial-of-service vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. Under certain conditions, an unauthenticated attacker could force the Magento store's full page cache to serve a 404 page to customers.
Remediation
References
Related Vulnerabilities
MySQL CVE-2020-2790 Vulnerability (CVE-2020-2790)
silverstripeCMS Cryptographic Issues Vulnerability (CVE-2010-5079)
Ruby on Rails Improper Input Validation Vulnerability (CVE-2019-5420)
WordPress Plugin Websimon Tables Cross-Site Scripting (1.3.4)
Zope Web Application Server Other Vulnerability (CVE-2001-1227)