- Plesk for Linux
The following vulnerability has been discovered in Nginx CVE-2021-23017.
The updates were shipped in #PPP-53358. The vulnerability is registered and tracked in #PFSI-62821.
Such a vulnerability might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory to overwrite, resulting in worker process crash or potential other impacts.
Call to Action
This vulnerability was fixed and shipped on Plesk Obsidian 18.0.36. Consider updating the Plesk server as per How to update Plesk Obsidian to the latest build.