Service announcements
2019-03-29 11:55: Magento 2.3.1, 2.2.8, 2.1.17 security updateTuesday, March 26, Magento published critical security updates. We therefore request that customers using Magento upgrade ASAP, if they have not already done so.
These new versions address security vulnerabilities that allow unauthenticated users full access to Magento and other software installed to the same webhotel.
Additionally, Magento offers a patch for Magento 1.9 to version 1.9.4.1, and a patch for Magento 1.14 to version 1.14.4.1.
Magento 2.0 is unsupported, and must be upgraded to 2.1, 2.2, or 2.3, or be deleted.
Source: Magento 2.3.1, 2.2.8 and 2.1.17 Security Update (magento.com)