A security advisory was issued today for users of LoopBack 2.x and 3.x.

Security risk: Medium (CVSS: 4.3) Vulnerability: Prevent unauthorized alteration of records on same table.

You can find the full details in the corresponding links below.

LoopBack 2.x LoopBack 3.x

What’s next?

If you haven’t already checked out the Developer Preview release, it is just the first milestone of our LoopBack 4 journey. A tentative plan is outlined at https://github.com/strongloop/loopback-next/wiki/Upcoming-Releases. Please note that it is not an official commitment and subject to adjustment as we make progress with the community contributions and feedbacks.