Head's Up! These forums are read-only. All users and content have migrated. Please join us at community.neo4j.com.
10-04-2022 11:43 AM
nvd.nist.gov reports:
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2022-30331 |
** DISPUTED ** The User-Defined Functions (UDF) feature in TigerGraph 3.6.0 allows installation of a query (in the GSQL query language) without proper validation. Consequently, an attacker can execute arbitrary C++ code. NOTE: the vendor's position is "GSQL was behaving as expected." Published: September 05, 2022; 12:15:08 PM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2022-37423 |
Neo4j APOC (Awesome Procedures on Cypher) before 4.3.0.7 and 4.x before 4.4.0.8 allows Directory Traversal to sibling directories via apoc.log.stream. Published: August 12, 2022; 11:15:16 AM -0400 |
All the sessions of the conference are now available online