Description
A denial-of-service vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. Under certain conditions, an unauthenticated attacker could force the Magento store's full page cache to serve a 404 page to customers.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2021-2175 Vulnerability (CVE-2021-2175)
MySQL CVE-2018-2777 Vulnerability (CVE-2018-2777)
GlassFish CVE-2016-3608 Vulnerability (CVE-2016-3608)
WordPress Plugin Form Vibes-Database Manager for Forms Unspecified Vulnerability (1.4.2)
phpMyFAQ Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-15733)