2 matches found
com.graphaware.neo4j.example:change-logger (=4.2.0.58), com.graphaware.neo4j.example:friendship-strength-counter (=4.2.0.58) +60 more potentially affected by CVE-2021-34802 via org.neo4j:neo4j-kernel (>=4.2.0 <=4.2.7)
org.neo4j:neo4j-kernel MAVEN version =4.2.0, =4.2.0, =4.2.0, =4.2.19 and more Source cves: CVE-2021-34802 Source advisory: OSV:GHSA-2W4H-F44W-968F...
CVE-2021-34802
CVE-2021-34802 describes a vulnerability in Neo4j Graph Database versions 4.2 and 4.3 where a failure in resetting the security context during certain transaction actions could allow authenticated users to execute commands with elevated privileges. The root cause is a security-context reset issue...