Description
A denial-of-service vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. Under certain conditions, an unauthenticated attacker could force the Magento store's full page cache to serve a 404 page to customers.
Remediation
References
Related Vulnerabilities
Chamilo Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2022-27427)
Microsoft SQL Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2003-0230)
WordPress Plugin WordPress Backup and Migrate-Backup Guard Arbitrary File Upload (1.0.2)
SharePoint Heap-based Buffer Overflow Vulnerability (CVE-2025-47169)
Perl Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-1999-1386)