Knowledge Base

Is Plesk affected by CVE-2021-44228 vulnerability in log4j package of Apache?

Situation

CVE-2021-44228 is a vulnerability in Apache Log4j which is a Java library. So, this vulnerability may affect Java-based applications only.

Impact

Plesk does not use Java internally, so Plesk is not affected by this vulnerability. Since Tomcat support in Plesk was dropped in Plesk 17.8, Plesk does not support users' Java-based applications.

Call to action

No additional actions are required.

Your Complete .htaccess Guide: Including .htaccess Basics and More

NGINX vs Apache – Which Is the Best Web Server in 2024?

Top Web Servers For Linux And Windows

Knowledge Base

CVE-2022-22965: vulnerability in Spring Framework for Java applications running on Tomcat

Does Plesk support HTTP/3 (QUIC) protocol?

How to set default index type for a domain in Plesk Obsidian

[BUG] Unable to start or restart Apache after uninstalling Roundcube in Plesk: Could not open configuration file roundcube.htaccess.inc No such file or directory

Hosting Wiki