Description
A denial-of-service vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. Under certain conditions, an unauthenticated attacker could force the Magento store's full page cache to serve a 404 page to customers.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP SEO Tags Cross-Site Scripting (2.2.7)
Apache HTTP Server Resource Management Errors Vulnerability (CVE-2007-6423)
Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2013-3630)
Drupal Resource Management Errors Vulnerability (CVE-2014-5265)
Roundcube Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-19205)