Vulnerabilities in latest docker image of neo4j 4.4.9
closed
Karishma Manchanda
Hi ,
We are using neo4j 4.4.9 community edition for one of our projects. While scanning with the aquasec scanner, we are getting this CVE.
this CVE is associated with Java packages which have high vulnerabilities
CVE:2022-33980- common configuration2 2.7
is it possible to update the packages for neo4j? Or is it possible to release a version/bug fix with this vulnerabilities resolution ?
Aman Singh
closed
John Kennedy
Hello Karishma Manchanda,
This board is focussed on the Aura Cloud product, which only runs the Neo4j Enterprise database software.
We do care deeply about our security and if you head to https://neo4j.com/cloud/security/ you will see that we have a specific vulnerability management section.
To get in contact with our security team or to report an issue, please go to: https://neo4j.com/security/ where there is an email to report or ask questions.
John