3 matches found
CVE-2023-23926
APOC Awesome Procedures on Cypher is an add-on library for Neo4j. An XML External Entity XXE vulnerability found in the apoc.import.graphml procedure of APOC core plugin prior to version 5.5.0 and 4.4.0.14 4.4 branch in Neo4j graph database. XML External Entity XXE injection occurs when the XML...
CVE-2023-23926
APOC Awesome Procedures on Cypher is an add-on library for Neo4j. An XML External Entity XXE vulnerability found in the apoc.import.graphml procedure of APOC core plugin prior to version 5.5.0 and 4.4.0.14 4.4 branch in Neo4j graph database. XML External Entity XXE injection occurs when the XML...
CVE-2023-23926
CVE-2023-23926 is an XXE flaw in the APOC core plugin’s apoc.import.graphml for Neo4j. The XML parser was misconfigured, allowing external entities to be resolved, enabling reading local files, making HTTP requests, and potential DoS. Affected are APOC versions before 5.5.0 and 4.4.0.14 (4.4 bran...