Vulnerabilities in latest docker image of neo4j 4.4.9

Karishma_1 · July 20, 2022, 4:29pm

Hi ,

We are using neo4j 4.4.9 community edition for one of our projects. While scanning with the aquasec scanner, we are getting this CVE.

this CVE is associated with Java packages which have high vulnerabilities

CVE:2022-33980- common configuration2 2.7

is it possible to update the packages for neo4j? Or is it possible to release a version/bug fix with this vulnerabilities resolution ?

cobra · July 20, 2022, 8:34pm

You should raise an issue here or here.

Regards,
Cobra

Topic		Replies	Views
Log4j Security in Neo4j docker image Docker docker	1	448	December 16, 2021
Neo4j Verison 5.11.10 has Critical and High Vulnerabilitites Graph Algorithms/Graph Data Science	2	619	August 29, 2023
Neo4j community vulnerability General migrated	1	179	September 29, 2022
Latest Neo4j Major Release (4.0) available Announcements	7	3795	January 21, 2020
Running neo4j:latest Docker	2	799	March 6, 2020