Neo4j Cypher component mishandles IMMUTABLE privileges · CVE-2024-34517 · GitHub Advisory Database · GitHub

Neo4j Cypher component mishandles IMMUTABLE privileges

Moderate severity GitHub Reviewed Published May 7, 2024 to the GitHub Advisory Database • Updated May 7, 2024

Package

org.neo4j:neo4j-cypher (Maven)

Affected versions

< 5.19.0

Patched versions

5.19.0

Description

The Cypher component in Neo4j before 5.19.0 mishandles IMMUTABLE privileges.

References

Published by the National Vulnerability Database

May 7, 2024

Published to the GitHub Advisory Database May 7, 2024

Reviewed May 7, 2024

Last updated May 7, 2024