Mik3 Posted December 23, 2021 Share Posted December 23, 2021 (edited) Dear devs and member, I would like to know if unraid is vulnerable to the new APACHE vulnerability (not talking about log4j). The CVEs are the one in the subject, links to nist below. If vulnerable will an update be available soon to fix those CVE and improve the product security? https://nvd.nist.gov/vuln/detail/CVE-2021-44790 https://nvd.nist.gov/vuln/detail/CVE-2021-44224 Thank you. Merry christmas Edited December 23, 2021 by Mik3 Links added Quote Link to comment
Solution itimpi Posted December 23, 2021 Solution Share Posted December 23, 2021 Seems unlikely that Unraid will be directly vulnerable as it does not use Apache. I guess it is possible that VMs or Docker containers that use Apache could be vulnerable. Quite what knock on effect this might have if one got compromised is unclear as they run within controlled environments isolated from core Unraid. Quote Link to comment
Mik3 Posted December 24, 2021 Author Share Posted December 24, 2021 I wasn't sure if unraid was using Apache or not that's why the question. Thanks a lot for your reply. Quote Link to comment
itimpi Posted December 24, 2021 Share Posted December 24, 2021 8 hours ago, Mik3 said: I wasn't sure if unraid was using Apache or not that's why the question. Thanks a lot for your reply. Unraid uses nginx as the web server behind its GUI Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.