[MAVEN:GHSA-P343-9QWP-PQXV] Neo4j Cypher component mishandles IMMUTABLE privileges

Severity Moderate

Affected Packages 1

Fixed Packages 1

CVEs 1

The Cypher component in Neo4j before 5.19.0 mishandles IMMUTABLE privileges.

Package	Affected Version
pkg:maven/org.neo4j/neo4j-cypher	< 5.19.0

Package	Fixed Version
pkg:maven/org.neo4j/neo4j-cypher	= 5.19.0

ID: MAVEN:GHSA-P343-9QWP-PQXV
Severity: moderate
URL: https://github.com/advisories/GHSA-p343-9qwp-pqxv
Published: 2024-05-07T18:30:34
(11 days ago)
Modified: 2024-05-07T19:59:42
(11 days ago)
Rights: Maven Security Team

Source	# ID	Name	URL
			https://nvd.nist.gov/vuln/detail/CVE-2024-34517
			https://github.com/neo4j/neo4j/wiki/Neo4j-5-changelog#cypher
			https://neo4j.com/security/cve-2024-34517
			https://trust.neo4j.com
			https://github.com/advisories/GHSA-p343-9qwp-pqxv

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch	Patch / Fix
Affected	pkg:maven/org.neo4j/neo4j-cypher	org.neo4j	neo4j-cypher	< 5.19.0
Fixed	pkg:maven/org.neo4j/neo4j-cypher	org.neo4j	neo4j-cypher	= 5.19.0

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date