MEDIUM 6.5
GHSA-p343-9qwp-pqxv
Neo4j Cypher component mishandles IMMUTABLE privileges
Details
The Cypher component in Neo4j between v.5.0.0 and v.5.19.0 mishandles IMMUTABLE.
Are you affected?
Enter the version of the package you're using.
Affected packages
Maven / org.neo4j:neo4j-cypher
Introduced in:
5.0.0 Fixed in: 5.19.0 Fix
# pom.xml: bump <version>5.19.0</version> for org.neo4j:neo4j-cypher References
- https://nvd.nist.gov/vuln/detail/CVE-2024-34517 [ADVISORY]
- https://github.com/advisories/GHSA-p343-9qwp-pqxv [ADVISORY]
- https://github.com/neo4j/neo4j [PACKAGE]
- https://github.com/neo4j/neo4j/wiki/Neo4j-5-changelog#cypher [WEB]
- https://neo4j.com/security/cve-2024-34517 [WEB]
- https://trust.neo4j.com [WEB]