Knowledge Base

CVE-2022-22965: vulnerability in Spring Framework for Java applications running on Tomcat

Situation

CVE-2022-22965 is a vulnerability in Spring Framework for Java applications. So, this vulnerability may affect Java-based applications only.

Impact

Plesk does not use Java internally, so Plesk is not affected by this vulnerability. Since Tomcat support in Plesk was dropped in Plesk 17.8, Plesk does not support users' Java-based applications.

Call to action

No additional actions are required.

Recommended OSs for Plesk

Your Automatic Server Update to Plesk 17.8

Knowledge Base

Rest API vulnerability against the CSRF attack in Plesk

Unable to perform migration to Plesk with trial license: Your key limits don’t allow mailname creation: There are no resources of this type

Is Plesk affected by CVE-2021-44228 vulnerability in log4j package of Apache?

Does Plesk support HTTP/3 (QUIC) protocol?

Hosting Wiki

Linux
Plesk

Knowledge Base

CVE-2022-22965: vulnerability in Spring Framework for Java applications running on Tomcat

Situation

Impact

Call to action

Recommended OSs for Plesk

Your Automatic Server Update to Plesk 17.8

Rest API vulnerability against the CSRF attack in Plesk

Unable to perform migration to Plesk with trial license: Your key limits don’t allow mailname creation: There are no resources of this type

Is Plesk affected by CVE-2021-44228 vulnerability in log4j package of Apache?

Does Plesk support HTTP/3 (QUIC) protocol?

Install CVE-2022-22965: vulnerability in Spring Framework for Java applications running on Tomcat extension