• The APS Catalog has been deprecated and removed from all Plesk Obsidian versions.
    Applications already installed from the APS Catalog will continue working. However, Plesk will no longer provide support for APS applications.
  • Please be aware: with the Plesk Obsidian 18.0.78 release, the support for the ngx_pagespeed.so module will be deprecated and removed from the sw-nginx package.

CVE addressed in Plesk?

J

JustinCH

New Pleskian
Is there anyway to get a list of CVE addressed in the Plesk RPMs?

rpm -q --changelog psa-package-name

doesn't return anything.
 
This information you can find in KB articles about released microupdates but not in rpm package changelogs.
 
Thanks, I've seen some CVE referenced in them, but there doesn't seem to be a good way to find them , searching for the specific CVE doesn't seem to bring up anything.
 
You must log in or register to reply here.

Similar threads

M
Input Provide detailed security information and a dedicated security mailing list
Replies
13
Views
4K
hschramm
hschramm
M
Issue [CVE-2025-40778] BIND 9 Resolver Enables Cache Poisoning Via Unsolicited Answers
Replies
2
Views
3K
Kaspar
K
N
Issue 421 Misdirected Request on Apache-only Plesk server after recent Apache update (CVE-2025-23048)
Replies
2
Views
7K
NatuurlijkHosting
N
Hangover2
Critical security issue fixed on 24–25 February 2026 (Plesk Obsidian 18.0.75 Update 1 / 18.0.76 Update 2) — request for vulnerability details
Replies
4
Views
2K
Hangover2
Hangover2
T
Question Best Practices: Blocking A Large Number of IP Addresses
Replies
17
Views
5K
WebHostingAce
WebHostingAce
Back
Top