Try Free

August Payara 5 Community Release Out Today!

Jakarta EE
Priya Khaira-Hanks
Published: 17 Aug 2022
Updated: 21 Oct 2025

Payara Community Version 5.2022.3 is out today, bringing concurrency enhancements previously seen in Enterprise and a key security fix, solving the recently discovered CVE-2022-37422. You must update your environments to the latest version to be safe.

 

Please note: This is not the final Payara 5 Community release, but that final release is coming up in September – so get prepared to move to Jakarta EE 10 or choose Enterprise.

Payara Community Version 5.2022.3 brings 10 bug fixes, 6 component updates, 7 improvements and 1 key security fix.

You can download Payara Community Version 5.2022.3here.

You Must Update – CVE-2022-37422

There is a recently detected a 0-day vulnerability in all distributions of the Payara Platform that affects web applications that are deployed in the default context root(/). To this effect, we have prepared a fix. 

All Payara users must update their environment as soon as possible to remain safe. The safe versions are:

Not out yet, but coming soon: 

  • Payara Community 6.2022.1.Alpha4

We would like to credit and give thanks to Marcin Dudek (@dudekmar) who originally reported the issue.

Payara Community Receives Concurrency Enhancements 

Payara 5 Community users can now enjoy concurrency enhancements previously brought to Payara Enterprise.

Payara-resources.xml already allowed several different types of resources to be defined within it. Now, ManagedExecutorServices is one of them.This allows you to create concurrent ManagedExecutor resources automatically when the .ear or .jar that needs them is deployed. 

You can also now use ForkJoinPool for Managed Executor Services.

However, please note, that Payara 5 Community will soon be discontinued and the only safe way to use these enhancements will be with Payara 6 Community or Payara 5 Enterprise – find out more here.

Enterprise Users: Payara 4.x Extended Maintenance 

Today also sees the release of Payara 4.1.2.191.36. This is the last release before it enters its Extended Support phase. You have been emailed about this but monthly patches will stop being released for the current minor version, and we’ll stop implementing hotfixes and backport fixes for releases older than 4.1.2.191. Please upgrade your environments and contact our support team via the usual channels with any questions.

Webinar – Move Your GlassFish Upstream: What You Need to Know About Migration

If you are reading this, it is likely you are already using Payara Platform – but if you still have applications or projects in GlassFish, or know people who do, it’s time to make the change. 

Previously scheduled for July, the webinar has now been rearranged for August 24, 3.00 PM BST.

Make sure you re-sign up:

New call-to-action

Release Notes

Payara Community Version 5.2022.3 brings 10 bug fixes, 6 component updates, 7 improvements and 1 key security fix. 

See a more detailed overview in the Release Notes:

Share:

Download Payara Platform Community

Comments (2)

Post a comment

Your email address will not be published. Required fields are marked *

Payara needs the contact information you provide to us to contact you about our products and services. You may unsubscribe from these communications at any time. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, please review our Legal & Privacy Policy.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  1. Eduardo Lozano

    The CVE-2022-37422 vulnerability only affects version 5.2022.2?

    Reply
    1. Jadon Ortlepp

      Unfortunately it seems very likely it will affect some older versions as well.

      Reply

Related Posts

Green stylised leaf symbol representing the Spring Framework, shown with a smooth curved shape and a small stem inside a circular or rounded background , with 'spring' written on its right side. 2 minutes
Jakarta EE
Dominika Tasarz
21 Nov 2025

Spring Framework 7.0 and Spring Data 2025.1.0 Embrace Jakarta EE 11 Compatibility

The recent releases of Spring Framework 7.0 and Spring Data 2025.1.0 mark an important milestone for the Java ecosystem, […]

Read More
Docker logo 4 minutes
Community
Dominika Tasarz
18 Nov 2025

Level Up Your Jakarta EE Apps with Payara 7 and New Docker Images

We’re excited to share major updates around the Docker image story for the Payara Platform Community, aligned with our […]

Read More
Timeline showing Payara Platform Enterprise 4, 5, and 6 support phases (Full, Extended, Lifetime) from 2023–2033, along with JDK 8, 11, 17, and 21 support periods and end-of-life markers. 4 minutes
Thought Leadership
Chiara Civardi
17 Nov 2025

Understanding the Payara Platform Enterprise Software Lifecycle: How We Support Long-Term Stability 

Keeping an application server running smoothly isn’t so much about new features, but more about predictability and consistency. Software […]

Read More