10 matches found
EUVD-2018-0819
Malware in sbrugna...
Malicious code in neo4j-apoc-procedures (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3ae32122ca71a7a075fce5993dbcdceca009308664157c1655b4b3897e205f3c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3195 Malicious code in neo4j-apoc-procedures (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3ae32122ca71a7a075fce5993dbcdceca009308664157c1655b4b3897e205f3c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
GHSA-9VX8-F5C4-862X XML External Entity (XXE) vulnerability in apoc.import.graphml
Impact A XML External Entity XXE vulnerability found in the apoc.import.graphml procedure of APOC core plugin in Neo4j graph database. XML External Entity XXE injection occurs when the XML parser allows external entities to be resolved. The XML parser used by the apoc.import.graphml procedure was...
CVE-2022-23532 neo4j-apoc-procedures is vulnerable to path traversal
APOC Awesome Procedures on Cypher is an add-on library for Neo4j that provides hundreds of procedures and functions. A path traversal vulnerability found in the apoc.export. procedures of apoc plugins in Neo4j Graph database. The issue allows a malicious actor to potentially break out of the...
CVE-2022-23532 neo4j-apoc-procedures is vulnerable to path traversal
APOC Awesome Procedures on Cypher is an add-on library for Neo4j that provides hundreds of procedures and functions. A path traversal vulnerability found in the apoc.export. procedures of apoc plugins in Neo4j Graph database. The issue allows a malicious actor to potentially break out of the...
XML External Entity Injection (XXE)
neo4j-apoc-procedures is susceptible to XML external entity injection XXE. The vulnerability is caused due to the way XML parser processes XML input containing a reference to an external entity using a weak configuration...
GHSA-R2PP-X4MM-4999 XML External Entity (XXE) vulnerability in neo4j.procedure:apoc
neo4j-contrib neo4j-apoc-procedures version before commit 45bc09c contains a XML External Entity XXE vulnerability in XML Parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This vulnerability appears to have been fixed in after commit 45bc09c...
Xxe
neo4j-contrib neo4j-apoc-procedures version before commit 45bc09c contains a XML External Entity XXE vulnerability in XML Parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning. This vulnerability appears to have been fixed in after commit 45bc09c...
PT-2018-9544 · Neo4J Contrib · Neo4J-Apoc-Procedures
Name of the Vulnerable Software and Affected Versions: neo4j-contrib neo4j-apoc-procedures versions before commit 45bc09c Description: The issue is related to a XML External Entity XXE vulnerability in the XML Parser. This can result in disclosure of confidential data, denial of service,...