Description
Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.
Remediation
References
Related Vulnerabilities
WordPress Plugin Redux Framework Multiple Vulnerabilities (4.2.11)
Zope Web Application Server Resource Management Errors Vulnerability (CVE-2008-5102)
Jetty Uncontrolled Resource Consumption Vulnerability (CVE-2023-44487)
WordPress Plugin LazyEater Unspecified Vulnerability (1.2.1)
Oracle Database Server CVE-2005-4884 Vulnerability (CVE-2005-4884)