4 matches found
EUVD-2025-37324
Potential information leak in bolt protocol handshake in Neo4j Enterprise and Community editions allows attacker to obtain one byte of information from previous connections. The attacker has no control over the information leaked in server responses...
CVE-2025-11602
Potential information leak in bolt protocol handshake in Neo4j Enterprise and Community editions allows attacker to obtain one byte of information from previous connections. The attacker has no control over the information leaked in server responses...
Sensitive Information in Resource Not Removed Before Reuse
Overview Affected versions of this package are vulnerable to Sensitive Information in Resource Not Removed Before Reuse in the Bolt protocol handshake. An attacker can obtain one byte of information from previous connections by sending crafted requests during the protocol negotiation phase. The...
PT-2025-44600
Name of the Vulnerable Software and Affected Versions Neo4j versions prior to 2025-11602 Description A potential information leak exists in the bolt protocol handshake within Neo4j Enterprise and Community editions. This allows an attacker to obtain one byte of information from previous...