Payara prior to 2022-11-04, when deployed to the root context, allows malicious users to visit META-INF and WEB-INF, a different vulnerability than CVE-2022-37422. This affects Payara Platform Community prior to 4.1.2.191.38, 5.x prior to 5.2022.4, and 6.x prior to 6.2022.1, and Payara Platform Enterprise prior to 5.45.0.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
payara payara |