On October 19, 2021, we have enabled single-sign-on for our Plesk Support Center to provide a seamless login/account experience. This implies that you’ll be able to use a single account across any of our web-facing properties.
If you had already registered your account at Plesk 360 (formerly known as My Plesk) please use one for login. Otherwise please re-register it using the same email address as your existing Zendesk login (support account). It’s essential that you use the same email address on our support center to ensure that your tickets stay attached to the same account.

Articles in this section

See more

CVE-2021-23017: Nginx

Avatar
Renan Genova Ferreira
Updated
Follow
kb: bug

Applicable to:

  • Plesk for Linux

Situation

The following vulnerability has been discovered in Nginx CVE-2021-23017.

The updates were shipped in #PPP-53358. The vulnerability is registered and tracked in #PFSI-62821.

Impact

Such a vulnerability might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory to overwrite, resulting in worker process crash or potential other impacts.

Call to Action

This vulnerability was fixed and shipped on Plesk Obsidian 18.0.36. Consider updating the Plesk server as per How to update Plesk Obsidian to the latest build.

Comments

2 comments

Sort by Date Votes
  • Avatar
    Wan Azhan

    When do you expect this version released? 

    0
    Comment actions Permalink
  • Avatar
    Wan Azhan

    hello, any information when the latest version Nginx 1.18 will be updated to its latest version?

    0
    Comment actions Permalink

Please sign in to leave a comment.

Have more questions? Submit a request

Related articles