This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Head's Up! These forums are read-only. All users and content have migrated. Please join us at community.neo4j.com.

Vulnerabilities in latest docker image of neo4j 4.4.9

Karishma_1
Node

‎07-20-2022 09:29 AM

Hi ,

We are using neo4j 4.4.9 community edition for one of our projects. While scanning with the aquasec scanner, we are getting this CVE.

this CVE is associated with Java packages which have high vulnerabilities 

CVE:2022-33980- common configuration2 2.7

is it possible to update the packages for neo4j? Or is it possible to release a version/bug fix with this vulnerabilities resolution ?

 

0 Kudos
Reply
1 REPLY 1

Cobra
Ninja
Ninja

‎07-20-2022 01:34 PM

Hello @Karishma_1 😊

You should raise an issue here or here.

Regards,
Cobra

0 Kudos
Reply
Nodes 2022
Nodes
NODES 2022, Neo4j Online Education Summit

All the sessions of the conference are now available online

Watch replays