Try Free

August Payara 5 Community Release Out Today!

Jakarta EE
Priya Khaira-Hanks
Published: 17 Aug 2022
Updated: 21 Oct 2025

Payara Community Version 5.2022.3 is out today, bringing concurrency enhancements previously seen in Enterprise and a key security fix, solving the recently discovered CVE-2022-37422. You must update your environments to the latest version to be safe.

 

Please note: This is not the final Payara 5 Community release, but that final release is coming up in September – so get prepared to move to Jakarta EE 10 or choose Enterprise.

Payara Community Version 5.2022.3 brings 10 bug fixes, 6 component updates, 7 improvements and 1 key security fix.

You can download Payara Community Version 5.2022.3here.

You Must Update – CVE-2022-37422

There is a recently detected a 0-day vulnerability in all distributions of the Payara Platform that affects web applications that are deployed in the default context root(/). To this effect, we have prepared a fix. 

All Payara users must update their environment as soon as possible to remain safe. The safe versions are:

Not out yet, but coming soon: 

  • Payara Community 6.2022.1.Alpha4

We would like to credit and give thanks to Marcin Dudek (@dudekmar) who originally reported the issue.

Payara Community Receives Concurrency Enhancements 

Payara 5 Community users can now enjoy concurrency enhancements previously brought to Payara Enterprise.

Payara-resources.xml already allowed several different types of resources to be defined within it. Now, ManagedExecutorServices is one of them.This allows you to create concurrent ManagedExecutor resources automatically when the .ear or .jar that needs them is deployed. 

You can also now use ForkJoinPool for Managed Executor Services.

However, please note, that Payara 5 Community will soon be discontinued and the only safe way to use these enhancements will be with Payara 6 Community or Payara 5 Enterprise – find out more here.

Enterprise Users: Payara 4.x Extended Maintenance 

Today also sees the release of Payara 4.1.2.191.36. This is the last release before it enters its Extended Support phase. You have been emailed about this but monthly patches will stop being released for the current minor version, and we’ll stop implementing hotfixes and backport fixes for releases older than 4.1.2.191. Please upgrade your environments and contact our support team via the usual channels with any questions.

Webinar – Move Your GlassFish Upstream: What You Need to Know About Migration

If you are reading this, it is likely you are already using Payara Platform – but if you still have applications or projects in GlassFish, or know people who do, it’s time to make the change. 

Previously scheduled for July, the webinar has now been rearranged for August 24, 3.00 PM BST.

Make sure you re-sign up:

New call-to-action

Release Notes

Payara Community Version 5.2022.3 brings 10 bug fixes, 6 component updates, 7 improvements and 1 key security fix. 

See a more detailed overview in the Release Notes:

Share:

Download Payara Platform Community

Comments (2)

Post a comment

Your email address will not be published. Required fields are marked *

Payara needs the contact information you provide to us to contact you about our products and services. You may unsubscribe from these communications at any time. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, please review our Legal & Privacy Policy.

  1. Eduardo Lozano

    The CVE-2022-37422 vulnerability only affects version 5.2022.2?

    Reply
    1. Jadon Ortlepp

      Unfortunately it seems very likely it will affect some older versions as well.

      Reply

Related Posts

Payara promotional graphic showing transition from Spring to Jakarta EE, including technology logos, a code icon and arrows leading from Spring to Jakarta EE. 6 minutes
Jakarta EE
Chiara Civardi
27 Oct 2025

From Spring Boot To Jakarta EE 11: How Payara Starter Eases The Transition

If you’ve been living in the Spring ecosystem, you’re used to fast project setup. Spring Initializr gives you a […]

Read More
Graphic promoting the Jakarta EE Agentic AI Project by Payara Community. The design shows a laptop screen with a central icon of a person wearing headphones and using a laptop, surrounded by sparkles. The background features blue ocean-themed elements with coral and small fish. Logos for Jakarta EE and Payara Community appear at the top. 3 minutes
Community
Dominika Tasarz
20 Oct 2025

Announcing the Jakarta Agentic AI Project

Exploring the Future of AI with the Jakarta EE Community At Payara, we’re passionate about pushing the boundaries of […]

Read More
Image promoting a Payara blog with an illustration of a document with checkmarks and a magnifying glass. 5 minutes
Jakarta EE
Luqman Saeed
16 Oct 2025

Why Jakarta EE Standards Make Legacy App Modernization Simple

Legacy Java applications built on enterprise standards don’t have to be roadblocks to modernization. When applications follow established specifications […]

Read More