CVE-2021-42767

Published March 1st, 2022

View on NVD ↗

CVSS v3

9.1

CRITICAL

CVSS v2

6.4

MEDIUM

Affected

PROJECT

Description

A directory traversal vulnerability in the apoc plugins in Neo4J Graph database before 4.4.0.1 allows attackers to read local files, and sometimes create local files. This is fixed in 3.5.17, 4.2.10, 4.3.0.4, and 4.4.0.1.

neo4j-contrib/neo4j-apoc-procedures

Awesome Procedures On Cypher for Neo4j - codenamed "apoc" If you like it, please ★ above ⇧

GitHub

1.87K