CVE-2022-30331 Information

Description

DISPUTED The User-Defined Functions (UDF) feature in TigerGraph 3.6.0 allows installation of a query (in the GSQL query language) without proper validation. Consequently an attacker can execute arbitrary C++ code. NOTE: the vendor’s position is \GSQL was behaving as expected.\

Reference

https://neo4j.com/security/cve-2022-30331/ https://docs.tigergraph.com/home/