6 matches found
CVE-2022-23532
APOC Awesome Procedures on Cypher is an add-on library for Neo4j that provides hundreds of procedures and functions. A path traversal vulnerability found in the apoc.export. procedures of apoc plugins in Neo4j Graph database. The issue allows a malicious actor to potentially break out of the...
CVE-2022-23532 neo4j-apoc-procedures is vulnerable to path traversal
APOC Awesome Procedures on Cypher is an add-on library for Neo4j that provides hundreds of procedures and functions. A path traversal vulnerability found in the apoc.export. procedures of apoc plugins in Neo4j Graph database. The issue allows a malicious actor to potentially break out of the...
CVE-2022-23532 neo4j-apoc-procedures is vulnerable to path traversal
APOC Awesome Procedures on Cypher is an add-on library for Neo4j that provides hundreds of procedures and functions. A path traversal vulnerability found in the apoc.export. procedures of apoc plugins in Neo4j Graph database. The issue allows a malicious actor to potentially break out of the...
CVE-2022-23532
CVE-2022-23532 describes a path traversal vulnerability in the APOC library for Neo4j, specifically in the apoc.export.* procedures. The issue allows an attacker who can run arbitrary Cypher (or has app Cypher injection) to break out of the intended directory and create arbitrary files (overwriti...
CVE-2022-23532 neo4j-apoc-procedures is vulnerable to path traversal
APOC Awesome Procedures on Cypher is an add-on library for Neo4j that provides hundreds of procedures and functions. A path traversal vulnerability found in the apoc.export. procedures of apoc plugins in Neo4j Graph database. The issue allows a malicious actor to potentially break out of the...
com.buschmais.jqassistant.cli:jqassistant-commandline-neo4jv3 (>=1.4.0 <=1.7.0-RC1), com.buschmais.jqassistant.neo4jserver:neo4jv3 (>=1.4.0 <=1.7.0-RC1) +10 more potentially affected by CVE-2022-23532 via org.neo4j.procedure:apoc (>=3.4.0.1 <=3.5.0.7)
org.neo4j.procedure:apoc MAVEN version =3.4.0.1, =1.4.0, =1.4.0, =1.4.0, =1.8.0, =1.10.0 - org.jqassistant.contrib.plugin:jqassistant-plantuml-rule-plugin =1.7.0 Source cves: CVE-2022-23532 Source advisory: OSV:GHSA-5V8V-GWMW-QW97...