3 matches found
com.buschmais.jqassistant.cli:jqassistant-commandline-neo4jv3 (>=1.4.0 <=1.7.0-RC1), com.buschmais.jqassistant.neo4jserver:neo4jv3 (>=1.4.0 <=1.7.0-RC1) +10 more potentially affected by CVE-2022-37423 via org.neo4j.procedure:apoc (>=3.4.0.1 <=3.5.0.7)
org.neo4j.procedure:apoc MAVEN version =3.4.0.1, =1.4.0, =1.4.0, =1.4.0, =1.8.0, =1.10.0 - org.jqassistant.contrib.plugin:jqassistant-plantuml-rule-plugin =1.7.0 Source cves: CVE-2022-37423 Source advisory: OSV:GHSA-78F9-745F-278P...
CVE-2022-37423
Neo4j APOC Awesome Procedures on Cypher before 4.3.0.7 and 4.x before 4.4.0.8 allows Directory Traversal to sibling directories via apoc.log.stream...
CVE-2022-37423
Neo4j APOC (Awesome Procedures on Cypher) contains a Directory Traversal vulnerability (CVE-2022-37423) in apoc.log.stream. The issue affects Neo4j APOC plugins prior to 4.3.0.7 and 4.x prior to 4.4.0.8, allowing traversal to sibling directories. Public advisories (GHSA-78F9-745F-278P, OSV, NVD) ...