neo4j-contrib neo4j-apoc-procedures version before commit 45bc09c contains a XML External Entity (XXE) vulnerability in XML Parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This vulnerability appears to have been fixed in after commit 45bc09c.
oryginał ENCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HNeo4j Awesome Procedures On Cyper
APPNeo4Jwszystkie wersje
Powiązane podatności
APOC (Awesome Procedures on Cypher) is an add-on library for Neo4j that provides hundreds of procedures and fu...
APOC (Awesome Procedures on Cypher) is an add-on library for Neo4j. An XML External Entity (XXE) vulnerability...
A directory traversal vulnerability in the apoc plugins in Neo4J Graph database before 4.4.0.1 allows attacker...
Neo4j through 3.4.18 (with the shell server enabled) exposes an RMI service that arbitrarily deserializes Java...
Due to incorrect access control in Neo4j Enterprise Database Server 3.4.x before 3.4.9, the setting of LDAP fo...