CNNVD-202510-4447 Information

CNNVD ID

CNNVD-202510-4447

Related CVE

CVE-2025-11602

• CNNVD Published: 2025-10-31

Description (Chinese)

Neo4j Enterprise Edition和Neo4j Community Edition都是美国Neo4j公司的一款图数据库。 Neo4j Enterprise Edition和Neo4j Community Edition存在安全漏洞，该漏洞源于bolt协议握手过程中信息泄露，可能导致攻击者获取先前连接的部分信息。

Description (English)

Neo4j Enterprise Edition and Neo4j Community Edition are both graphic databases of the United States company Neo4j. There is a security loophole in Neo4j Enterprise Edition and Neo4j Community Edition, which stems from the leaking of information during the handshake of the Bolt protocol, which may lead the attackers to obtain some of the previously connected information.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Neo4j

Published

2025-10-31

Last Modified

2026-02-24

References

https://neo4j.com/security/cve-2025-11602 https://access.redhat.com/security/cve/cve-2025-11602

Patch

https://neo4j.com/