• The APS Catalog has been deprecated and removed from all Plesk Obsidian versions.
    Applications already installed from the APS Catalog will continue working. However, Plesk will no longer provide support for APS applications.
  • Please be aware: with the Plesk Obsidian 18.0.78 release, the support for the ngx_pagespeed.so module will be deprecated and removed from the sw-nginx package.

Question vulnerability CVE-2021-21708 - PHP Code Execution

D

DanielJ

New Pleskian
Hello Pleskians and Plesk-Team!
i saw a new exploit in PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3,
As u can read here: NVD - CVE-2021-21708 or you do a quick google search on your own: "CVE-2021-21708"

So as workaround for now we surely can update our php-versions to 8.1.3 . But will there be a patch for this vulnerability?
 
You must log in or register to reply here.

Similar threads

J.Wick
Issue Multiple Vulnerabilities in PHP 5 thru 8.3.7 Could Allow for Remote Code Execution - PATCH NOW
Replies
2
Views
3K
Tobias Sorensson
T
M
Issue unable to add component PLESK-PHP8.2.
Replies
1
Views
3K
Nikolay
Nikolay
A
Resolved Can't remove php handler from list - the PHP handler "plesk-php56-fastcgi" is not found
Replies
7
Views
6K
tfrank7
T
jhernanper
Issue Unable to install SuiteCRM: Symfony Runtime Exception. Tried everything - desperate
Replies
1
Views
7K
Maarten
M
R
Question Apache FilesMatch directive vulnerability in CentOS 7....
Replies
1
Views
2K
IgorG
IgorG
Back
Top