Articles in this section

Websites on PHP-FPM are unavailable or loading slowly: server reached max_children setting (*), consider raising it
Apache keeps going down on a Plesk server: server reached MaxRequestWorkers setting
Vulnerability: CVE-2026-42945: DoS and RCE in nginx before 1.31.1/1.30.1
Is Plesk affected by CVE-2026-23918? (Double Free and possible RCE in Apache http2 module)
Preferred domain redirect does not work when Nginx is not installed in Plesk
What do the HTTP status codes that you see in Plesk server logs mean in general?
Plesk error: AH00526: Syntax error on line 15 of /etc/apache2/plesk.conf.d/server.conf: Invalid command 'plesklog'
Many websites failed to open on the Plesk server: Error 502: Connection refused while connecting to upstream
How to restart an IIS Application Pool for a website on a Windows Plesk server?
How to calculate and adjust the MaxRequestWorkers limit on the server with Plesk
See more

CVE-2022-22965: vulnerability in Spring Framework for Java applications running on Tomcat

Renan Poss Moreira

Updated February 13, 2023 08:31

Plesk for Windows Plesk for Linux kb: technical

Applicable to:

Plesk for Linux
Plesk for Windows

Situation

CVE-2022-22965 is a vulnerability in Spring Framework for Java applications. So, this vulnerability may affect Java-based applications only.

Impact

Plesk does not use Java internally, so Plesk is not affected by this vulnerability. Since Tomcat support in Plesk was dropped in Plesk 17.8, Plesk does not support users' Java-based applications.

Call to action

No additional actions are required.

Comments

0 comments

Please sign in to leave a comment.