cancel
Showing results for 
Search instead for 
Did you mean: 

NVD Scores: Using Neo4j

nvd.nist.gov reports:

Vuln ID  Summary  CVSS Severity 
CVE-2022-30331

** DISPUTED ** The User-Defined Functions (UDF) feature in TigerGraph 3.6.0 allows installation of a query (in the GSQL query language) without proper validation. Consequently, an attacker can execute arbitrary C++ code. NOTE: the vendor's position is "GSQL was behaving as expected."

Published: September 05, 2022; 12:15:08 PM -0400
V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-37423

Neo4j APOC (Awesome Procedures on Cypher) before 4.3.0.7 and 4.x before 4.4.0.8 allows Directory Traversal to sibling directories via apoc.log.stream.

Published: August 12, 2022; 11:15:16 AM -0400
0 REPLIES 0
Nodes 2022
Nodes
NODES 2022, Neo4j Online Education Summit

All the sessions of the conference are now available online