kb: bug
Applicable to:
- Plesk for Linux
Situation
The following vulnerability has been discovered in Nginx CVE-2021-23017.
The updates were shipped in #PPP-53358. The vulnerability is registered and tracked in #PFSI-62821.
Impact
Such a vulnerability might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory to overwrite, resulting in worker process crash or potential other impacts.
Call to Action
This vulnerability was fixed and shipped on Plesk Obsidian 18.0.36. Consider updating the Plesk server as per How to update Plesk Obsidian to the latest build.
Comments
2 comments
When do you expect this version released?
hello, any information when the latest version Nginx 1.18 will be updated to its latest version?
Please sign in to leave a comment.