Vulnerabilities > Payara

DATE CVE VULNERABILITY TITLE RISK
2023-11-15 CVE-2023-41699 Open Redirect vulnerability in Payara
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Payara Platform Payara Server, Micro and Embedded (Servlet Implementation modules) allows Redirect Access to Libraries.This issue affects Payara Server, Micro and Embedded: from 5.0.0 before 5.57.0, from 4.1.2.191 before 4.1.2.191.46, from 6.0.0 before 6.8.0, from 6.2023.1 before 6.2023.11.
network
low complexity
payara CWE-601
6.1
2022-11-10 CVE-2022-45129 Files or Directories Accessible to External Parties vulnerability in Payara
Payara before 2022-11-04, when deployed to the root context, allows attackers to visit META-INF and WEB-INF, a different vulnerability than CVE-2022-37422.
network
low complexity
payara CWE-552
7.5
2021-09-23 CVE-2021-41381 Path Traversal vulnerability in Payara Micro Community
Payara Micro Community 5.2021.6 and below allows Directory Traversal.
network
low complexity
payara CWE-22
7.5