We would also like to announce that our security team has recently discovered another issue related to the GraphQL API. This new issue, discovered by our security team, has been assigned the CVE-2019-0706. This vulnerability could be exploited to retrieve user data from the database. The vulnerability has been patched in main and backported to multiple releases (3.7.17, 3.6.18, 3.5.23, 3.4.24, 3.3.26, 3.2.14, 3.1.24). Users are advised to upgrade. There are no known workarounds for this issue.
What’s new with GraphQL 3.7?
GraphQL is an open-source data query language and a complete rethinking of web APIs. Version 3 has been released to the public and is available for download on our website.
What’s new in GraphQL 3?
- Quite a few exciting changes including live updates, "serverless" operations, declarative directives and numerous bug fixes to improve performance and stability.
- More than 250 libraries are now available providing support for pre-existing frameworks like React, Angular, VueJS and others.
Where is the GraphQL API?
Installing GraphQL Schema Editor
The vulnerability has been patched in main and backported to multiple releases (3.7.17, 3.6.18, 3.5.23, 3.4.24, 3.3.26, 3.2.14, 3.1.24). Users are advised to upgrade.
Timeline
Published on: 10/06/2022 18:16:00 UTC
Last modified on: 10/11/2022 04:15:00 UTC