VYPR

apk package

chainguard/neo4j-2025.08

pkg:apk/chainguard/neo4j-2025.08

Vulnerabilities (3)

  • CVE-2025-68161Dec 18, 2025
    affected < 2025.08.0-r8fixed 2025.08.0-r8

    The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the verifyHostName https://logging.apache.org/log4j/2.x/manual/appenders/network.html#SslConfiguration-attr-verifyHostName co

  • CVE-2025-12383Nov 18, 2025
    affected < 2025.08.0-r5fixed 2025.08.0-r5

    In Eclipse Jersey versions 2.45, 3.0.16, 3.1.9 a race condition can cause ignoring of critical SSL configurations - such as mutual authentication, custom key/trust stores, and other security settings. This issue may result in SSLHandshakeException under normal circumstances, but

  • CVE-2025-58056Sep 3, 2025
    affected < 2025.08.0-r1fixed 2025.08.0-r1

    Netty is an asynchronous event-driven network application framework for development of maintainable high performance protocol servers and clients. In versions 4.1.124.Final, and 4.2.0.Alpha3 through 4.2.4.Final, Netty incorrectly accepts standalone newline characters (LF) as a ch