Headline
GHSA-h28c-453m-h9xm: Path Traversal in Payara
Payara through 5.2022.2 allows directory traversal without authentication. This affects Payara Server, Payara Micro, and Payara Server Embedded.
Package
maven fish.payara.api:payara-bom (Maven)
Affected versions
< 5.2022.3
Patched versions
5.2022.3
Related news
CVE-2022-37422: August Payara 5 Community Release Out Today!
Payara through 5.2022.2 allows directory traversal without authentication. This affects Payara Server, Payara Micro, and Payara Server Embedded.