3 matches found
CVE-2022-23532
CVE-2022-23532 describes a path traversal vulnerability in the APOC library for Neo4j, specifically in the apoc.export.* procedures. The issue allows an attacker who can run arbitrary Cypher (or who can exploit Cypher injection in an application) to break out of the intended directory and create arbitrary files (overwriti...
CVE-2018-1000820
Affected software: neo4j-contrib neo4j-apoc-procedures. Vulnerability: XML External Entity (XXE) in the XML Parser. Root cause / affected versions: before commit 45bc09c. Impact (as stated): disclosure of confidential data, denial of service, SSRF, port scanning. Status / fix: appears fixed after...
CVE-2023-23926
CVE-2023-23926 is an XXE flaw in the APOC core plugin’s apoc.import.graphml for Neo4j. The XML parser was misconfigured, allowing external entities to be resolved, enabling reading local files, making HTTP requests, and potential DoS. Affected are APOC versions before 5.5.0 and 4.4.0.14 (4.4 bran...