High severity7.5NVD Advisory· Published Aug 18, 2022· Updated Jun 17, 2026
CVE-2022-37422
CVE-2022-37422
Description
Payara through 5.2022.2 allows directory traversal without authentication. This affects Payara Server, Payara Micro, and Payara Server Embedded.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
fish.payara.api:payara-bomMaven | < 5.2022.3 | 5.2022.3 |
Affected products
2Patches
Vulnerability mechanics
References
4- blog.payara.fish/august-community-5-releasenvdRelease NotesVendor AdvisoryWEB
- github.com/advisories/GHSA-h28c-453m-h9xmghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-37422ghsaADVISORY
- www.payara.fish/downloads/nvdProduct
News mentions
0No linked articles in our index yet.