Payara through 5.2022.2 allows directory traversal without authentication. This affects Payara Server, Payara Micro, and Payara Server Embedded.
2022-08-18T19:15:14.663
2024-11-21T07:14:57.710
Modified
CVSSv3.1: 7.5 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | payara | payara | < 4.1.2.191.36 | Yes |
| Application | payara | payara | < 5.2022.3 | Yes |
| Application | payara | payara | < 5.42.0 | Yes |