30 matches found
EUVD-2024-49021
Malicious code in bioql PyPI...
EUVD-2023-46191
Malicious code in bioql PyPI...
EUVD-2024-48253
Malicious code in bioql PyPI...
CVE-2024-45687
Improper Neutralization of CRLF Sequences in HTTP Headers 'HTTP Request/Response Splitting' vulnerability in Payara Platform Payara Server Grizzly, REST Management Interface modules, Payara Platform Payara Micro Grizzly modules allows Manipulating State, Identity Spoofing. This issue affects Payar...
CVE-2025-1534
CVE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Payara Platform Payara Server allows Remote Code Inclusion. This issue affects Payara Server: from 4.1.2.1919.1 before 4.1.2.191.51, from 5.20.0 before 5.68.0, from 6.0.0 before 6.23.0, fr...
CVE-2025-1534 Cross-site Scripting (Stored)
CVE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Payara Platform Payara Server allows Remote Code Inclusion. This issue affects Payara Server: from 4.1.2.1919.1 before 4.1.2.191.51, from 5.20.0 before 5.68.0, from 6.0.0 before 6.23.0, fr...
CVE-2024-45687
Improper Neutralization of CRLF Sequences in HTTP Headers 'HTTP Request/Response Splitting' vulnerability in Payara Platform Payara Server Grizzly, REST Management Interface modules, Payara Platform Payara Micro Grizzly modules allows Manipulating State, Identity Spoofing. This issue affects Payar...
CVE-2024-45687 HTTP Server incorrectly accepting disallowed characters within header values
Improper Neutralization of CRLF Sequences in HTTP Headers 'HTTP Request/Response Splitting' vulnerability in Payara Platform Payara Server Grizzly, REST Management Interface modules, Payara Platform Payara Micro Grizzly modules allows Manipulating State, Identity Spoofing. This issue affects Payar...
CVE-2024-8215
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Payara Platform Payara Server Admin Console modules allows Remote Code Inclusion. This issue affects Payara Server: from 5.20.0 before 5.68.0, from 6.0.0 before 6.19.0, from 6.2022.1 before...
CVE-2024-8215 Payload Injection Attack via Management REST interface
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Payara Platform Payara Server Admin Console modules allows Remote Code Inclusion. This issue affects Payara Server: from 5.20.0 before 5.68.0, from 6.0.0 before 6.19.0, from 6.2022.1 before...
CVE-2024-8097
CVE-2024-8097 affects Payara Server (Logging modules): credentials posted in plain text may be exposed in server logs. Affected versions include 4.1.2.191.0–4.1.2.191.50, 5.20.0–5.67.0, 5.2020.2–5.2022.5, 6.0.0–6.18.0, and 6.2022.1–6.2024.9. Upgrade to fixed releases (e.g., 4.1.2.191.50+, 5.67.0+...
CVE-2024-7312
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Payara Platform Payara Server REST Management Interface modules allows Session Hijacking. This issue affects Payara Server: from 6.0.0 before 6.18.0, from 6.2022.1 before 6.2024.9, from 5.2020.2 before 5.2022.5, from 5.20.0 before...
CVE-2024-7312 REST Interface Link Redirection via Host parameter
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Payara Platform Payara Server REST Management Interface modules allows Session Hijacking. This issue affects Payara Server: from 6.0.0 before 6.18.0, from 6.2022.1 before 6.2024.9, from 5.2020.2 before 5.2022.5, from 5.20.0 before...
CVE-2024-7312
CVE-2024-7312 affects Payara Server (REST Management Interface modules) with an Open Redirect leading to potential session hijacking. Multiple versions are impacted: 4.1.2.191.0–4.1.2.191.50, 5.20.0–5.67.0, 5.2020.2–5.2022.5, 6.0.0–6.18.0, and 6.2022.1–6.2024.9. Root cause is URL redirection to u...
CVE-2023-41699
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Payara Platform Payara Server, Micro and Embedded Servlet Implementation modules allows Redirect Access to Libraries. This issue affects Payara Server, Micro and Embedded: from 5.0.0 before 5.57.0, from 4.1.2.191 before 4.1.2.191.4...
Open redirect
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Payara Platform Payara Server, Micro and Embedded Servlet Implementation modules allows Redirect Access to Libraries. This issue affects Payara Server, Micro and Embedded: from 5.0.0 before 5.57.0, from 4.1.2.191 before 4.1.2.191.4...
CVE-2023-41699
CVE-2023-41699 affects Payara Platform (Payara Server, Micro and Embedded) across multiple releases. The issue is a URL redirect/open redirect vulnerability in the servlet implementation modules that permits Redirect Access to Libraries. Affected versions are 5.0.0–5.57.0 (inclusive 5.57.0), 4.1....