356 matches found
Improper Neutralization of Special Elements in Data Query Logic
Overview: Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the process that handles Cypher queries. An attacker can execute arbitrary Cypher commands by injecting malicious input into the query construction process. Remediation...
org.apache.camel.karaf:camel-neo4j (>=4.10.3 <=4.10.7), org.apache.camel.springboot:camel-neo4j-starter (>=4.10.0 <=4.10.7) potentially affected by CVE-2025-66169 via org.apache.camel:camel-neo4j (>=4.10.0 <=4.10.7)
org.apache.camel:camel-neo4j MAVEN version =4.10.0, =4.10.3, =4.10.0, =4.10.7 Source cves: CVE-2025-66169 Source advisory: SNYK:JAVA-ORGAPACHECAMEL-14930769...
org.apache.camel.springboot:camel-neo4j-starter (>=4.15.0 <=4.16.0) potentially affected by CVE-2025-66169 via org.apache.camel:camel-neo4j (>=4.15.0 <=4.16.0)
org.apache.camel:camel-neo4j MAVEN version =4.15.0, =4.15.0, =4.16.0 Source cves: CVE-2025-66169 Source advisory: SNYK:JAVA-ORGAPACHECAMEL-14930769...
GHSA-4JRW-64VR-7G8M Apache Camel camel-neo4j component is vulnerable to cypher injection
Cypher Injection vulnerability in Apache Camel camel-neo4j component. This issue affects Apache Camel: from 4.10.0 before 4.10.8, from 4.14.0 before 4.14.3, from 4.15.0 before 4.17.0. Users are recommended to upgrade to version 4.10.8 for 4.10.x LTS and 4.14.3 for 4.14.x LTS and 4.17.0...
Apache Camel camel-neo4j component is vulnerable to cypher injection
Cypher Injection vulnerability in Apache Camel camel-neo4j component. This issue affects Apache Camel: from 4.10.0 before 4.10.8, from 4.14.0 before 4.14.3, from 4.15.0 before 4.17.0. Users are recommended to upgrade to version 4.10.8 for 4.10.x LTS and 4.14.3 for 4.14.x LTS and 4.17.0...
org.apache.camel.springboot:camel-neo4j-starter (>=4.14.0 <=4.14.2) potentially affected by CVE-2025-66169 via org.apache.camel:camel-neo4j (>=4.14.0 <=4.14.2)
org.apache.camel:camel-neo4j MAVEN version =4.14.0, =4.14.0, =4.14.2 Source cves: CVE-2025-66169 Source advisory: OSV:GHSA-4JRW-64VR-7G8M...
org.apache.camel.springboot:camel-neo4j-starter (>=4.15.0 <=4.16.0) potentially affected by CVE-2025-66169 via org.apache.camel:camel-neo4j (>=4.15.0 <=4.16.0)
org.apache.camel:camel-neo4j MAVEN version =4.15.0, =4.15.0, =4.16.0 Source cves: CVE-2025-66169 Source advisory: OSV:GHSA-4JRW-64VR-7G8M...
org.apache.camel.karaf:camel-neo4j (>=4.10.3 <=4.10.7), org.apache.camel.springboot:camel-neo4j-starter (>=4.10.0 <=4.10.7) potentially affected by CVE-2025-66169 via org.apache.camel:camel-neo4j (>=4.10.0 <=4.10.7)
org.apache.camel:camel-neo4j MAVEN version =4.10.0, =4.10.3, =4.10.0, =4.10.7 Source cves: CVE-2025-66169 Source advisory: OSV:GHSA-4JRW-64VR-7G8M...
CVE-2025-66169
Cypher Injection vulnerability in Apache Camel camel-neo4j component. This issue affects Apache Camel: from 4.10.0 before 4.10.8, from 4.14.0 before 4.14.3, from 4.15.0 before 4.17.0. Users are recommended to upgrade to version 4.10.8 for 4.10.x LTS and 4.14.3 for 4.14.x LTS and 4.17.0...
CVE-2025-66169 Apache Camel Neo4j: Cypher injection vulnerability in Camel-Neo4j component
Cypher Injection vulnerability in Apache Camel camel-neo4j component. This issue affects Apache Camel: from 4.10.0 before 4.10.8, from 4.14.0 before 4.14.3, from 4.15.0 before 4.17.0. Users are recommended to upgrade to version 4.10.8 for 4.10.x LTS and 4.14.3 for 4.14.x LTS and 4.17.0...
CVE-2025-66169
The CVE-2025-66169 entry concerns a Cypher Injection vulnerability in the Apache Camel camel-neo4j component. Affected versions are 4.10.0 before 4.10.8, 4.14.0 before 4.14.3, and 4.15.0 before 4.17.0. The underlying issue is improper handling of Cypher queries, leading to potential unauthorized ...
EUVD-2026-2447
Cypher Injection vulnerability in Apache Camel camel-neo4j component. This issue affects Apache Camel: from 4.10.0 before 4.10.8, from 4.14.0 before 4.14.3, from 4.15.0 before 4.17.0. Users are recommended to upgrade to version 4.10.8 for 4.10.x LTS and 4.14.3 for 4.14.x LTS and 4.17.0...
CVE-2025-66169 Apache Camel Neo4j: Cypher injection vulnerability in Camel-Neo4j component
Cypher Injection vulnerability in Apache Camel camel-neo4j component. This issue affects Apache Camel: from 4.10.0 before 4.10.8, from 4.14.0 before 4.14.3, from 4.15.0 before 4.17.0. Users are recommended to upgrade to version 4.10.8 for 4.10.x LTS and 4.14.3 for 4.14.x LTS and 4.17.0...
PT-2026-2851
Name of the Vulnerable Software and Affected Versions: Apache Camel versions 4.10.0 through 4.10.7; Apache Camel versions 4.14.0 through 4.14.2; Apache Camel versions 4.15.0 through 4.16.9. Description: A Cypher Injection issue exists in the Apache Camel camel-neo4j component. This allows for potentia...
Apache Camel Security Vulnerability
Apache Camel is an open-source integration framework from the Apache Software Foundation (United States), based on Enterprise Integration Patterns (EIP). The framework provides a Java object (POJO) based implementation of the Enterprise Integration Patterns,...
CVE-2018-1000820
neo4j-contrib neo4j-apoc-procedures versions before commit 45bc09c contain an XML External Entity (XXE) vulnerability in the XML parser that can result in disclosure of confidential data, denial of service, SSRF, and port scanning. This vulnerability appears to have been fixed after commit 45bc09c...
CVE-2022-37423
Neo4j APOC (Awesome Procedures on Cypher) before 4.3.0.7 and 4.x before 4.4.0.8 allows Directory Traversal to sibling directories via apoc.log.stream...
CVE-2024-34517
The Cypher component in Neo4j 5.0.0 through 5.18 mishandles IMMUTABLE privileges in some situations where an attacker already has admin access...