Lucene search
+L

4 matches found

Github Security Blog
Github Security Blog
added 2023/03/30 9:30 p.m.26 views

Payara Server allows remote attackers to load malicious code on the server once a JNDI directory scan is performed

A JNDI rebind operation in the default ORB listener in Payara Server 4.1.2.191 Enterprise, 5.20.0 and newer Enterprise, and 5.2020.1 and newer Community, when Java 1.8u181 and earlier is used, allows remote attackers to load malicious code on the server once a JNDI directory scan is performed...

9.8CVSS8.9AI score0.0093EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/03/30 9:30 p.m.54 views

GHSA-XC93-587G-MXM7 Payara Server allows remote attackers to load malicious code on the server once a JNDI directory scan is performed

A JNDI rebind operation in the default ORB listener in Payara Server 4.1.2.191 Enterprise, 5.20.0 and newer Enterprise, and 5.2020.1 and newer Community, when Java 1.8u181 and earlier is used, allows remote attackers to load malicious code on the server once a JNDI directory scan is performed...

9.8CVSS9.5AI score0.0093EPSS
Exploits0References3
OSV
OSV
added 2023/03/30 8:15 p.m.4 views

CVE-2023-28462

A JNDI rebind operation in the default ORB listener in Payara Server 4.1.2.191 Enterprise, 5.20.0 and newer Enterprise, and 5.2020.1 and newer Community, when Java 1.8u181 and earlier is used, allows remote attackers to load malicious code on the server once a JNDI directory scan is performed...

9.8CVSS7.4AI score0.0093EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/03/30 12:0 a.m.5 views

Payara Server 安全漏洞

Payara Server is a cloud-native, innovative, open source middleware platform from Payara UK. A security vulnerability exists in Payara Server that originates from allowing a remote attacker to load malicious code on the server after performing a JNDI directory scan. Affected Products and Versions...

9.8CVSS8.6AI score0.0093EPSS
Exploits0References2
Rows per page
Query Builder