We receive some questions regarding the "NGINX Rift" exploit.
U7 uses nginx, but we do not use problematic the ngx_http_rewrite_module: We don't use rewrite at all, and we only use set without references to former captures - and we also don't allow users to write their own config blocks that end up in our nginx configuration. (And even if a remote code execution happened, the nginx user does not have access on any user data anyway; as it only runs as a frontend webserver proxying requests to web backends, with no relevant filesystem permissions.)
U8 does not use nginx at all; on that platform, Caddy is used as a frontend webserver.