Articles in this section

See more

CVE-2021-23017: Nginx

Avatar
Renan Genova Ferreira
Updated
Follow
kb: bug

Applicable to:

  • Plesk for Linux

Situation

The following vulnerability has been discovered in Nginx CVE-2021-23017.

The updates were shipped in #PPP-53358. The vulnerability is registered and tracked in #PFSI-62821.

Impact

Such a vulnerability might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory to overwrite, resulting in worker process crash or potential other impacts.

Call to Action

This vulnerability was fixed and shipped on Plesk Obsidian 18.0.36. Consider updating the Plesk server as per How to update Plesk Obsidian to the latest build.

Comments

2 comments

Sort by Date Votes
  • Avatar
    Wan Azhan

    When do you expect this version released? 

    0
    Comment actions Permalink
  • Avatar
    Wan Azhan

    hello, any information when the latest version Nginx 1.18 will be updated to its latest version?

    0
    Comment actions Permalink

Please sign in to leave a comment.

Have more questions? Submit a request

Related articles