What is the Payara CNA?
Payara is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 6 CVE records since 2023.
How many CVEs has Payara published?
Payara has published 6 CVE records, including 5 in the last two years.
What is Payara's CVE data quality grade?
RadicalNotion.AI grades Payara's CVE data quality as A, with an overall completeness score of 100%. This reflects how consistently its CVE records include vendor (100%), product (100%), CVSS (100%), and CWE (100%) information.
What products does Payara publish CVEs for?
Payara most frequently publishes CVEs for Payara Server, payara, Payara Micro, payara_server, Payara Server, Micro and Embedded.
Which vendors does Payara cover?
Payara publishes CVEs across 1 distinct vendors, most often Payara Platform, payara, payara_platform.
Is Payara actively publishing CVEs?
Payara is currently active, based on 5 CVEs in the last two years.
What is the average severity of Payara's CVEs?
The average CVSS base score across Payara's scored CVEs is 6.3.
Are any of Payara's CVEs in CISA's Known Exploited Vulnerabilities catalog?
No. None of Payara's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
What are the most common weakness types in Payara's CVEs?
Payara's CVEs most often map to these CWE weakness types: CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-601 (URL Redirection to Untrusted Site ('Open Redirect')), CWE-113 (Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')), CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor).
How does Payara rank among CNAs?
By total CVE volume, Payara ranks #343 of 370 CNAs, and it reports more complete CVE records than 60% of all CNAs.
