Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Payara Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-45129 1 Payara 1 Payara 2023-01-20 N/A 7.5 HIGH
Payara before 2022-11-04, when deployed to the root context, allows attackers to visit META-INF and WEB-INF, a different vulnerability than CVE-2022-37422. This affects Payara Platform Community before 4.1.2.191.38, 5.x before 5.2022.4, and 6.x before 6.2022.1, and Payara Platform Enterprise before 5.45.0.
CVE-2021-41381 1 Payara 1 Micro Community 2023-01-20 4.3 MEDIUM 7.5 HIGH
Payara Micro Community 5.2021.6 and below allows Directory Traversal.
CVE-2022-37422 1 Payara 1 Payara 2022-08-19 N/A 7.5 HIGH
Payara through 5.2022.2 allows directory traversal without authentication. This affects Payara Server, Payara Micro, and Payara Server Embedded.