Replies: 1 comment 2 replies
-
|
We are trying to update the CVE text and we have informed Snyk, so that automated vulnerability detectors correctly register the patched versions. Note this may take a while. In the meantime please do patch. |
Beta Was this translation helpful? Give feedback.
2 replies
-
|
Update: CVE text fixed! https://www.cve.org/CVERecord?id=CVE-2022-37734 |
Beta Was this translation helpful? Give feedback.
-
|
https://security.snyk.io/vuln/SNYK-JAVA-COMGRAPHQLJAVA-3021519 - Snyk also updated |
Beta Was this translation helpful? Give feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Some people might start getting notified of a CVE for graphql-java which was released today.
https://www.cve.org/CVERecord?id=CVE-2022-37734
https://security.snyk.io/vuln/SNYK-JAVA-COMGRAPHQLJAVA-3021519
The Snynk document says
This is incomplete. We backported the changes to older versions
The full list of fixed versions is
You don't have to upgrade to the latest graphql-java version to get this fix.
#2549
Beta Was this translation helpful? Give feedback.
All reactions