Improper Control of Generation of Code ('Code Injection') in @asyncapi/modelina

🗓️ 21 Sep 2021 18:59:41Reported by GitHub Advisory DatabaseType

Improper control of code generation in @asyncapi/modelina leading to code injection vulnerability when using default presets

Reporter	Title	Published	Views	Family All 9
GitLab Advisory Database	Improper Control of Generation of Code ('Code Injection')	26 Jan 202300:00	–	gitlab
NVD	CVE-2023-23619	26 Jan 202321:18	–	nvd
CVE	CVE-2023-23619	26 Jan 202321:18	–	cve
Prion	Code injection	26 Jan 202321:18	–	prion
Vulnrichment	CVE-2023-23619 Improper Control of Generation of Code ('Code Injection') in @asyncapi/modelina	26 Jan 202310:42	–	vulnrichment
OSV	Improper Control of Generation of Code ('Code Injection') in @asyncapi/modelina	21 Sep 202118:41	–	osv
OSV	CVE-2023-23619	26 Jan 202321:18	–	osv
Veracode	Remote Code Execution (RCE)	22 Sep 202108:39	–	veracode
Cvelist	CVE-2023-23619 Improper Control of Generation of Code ('Code Injection') in @asyncapi/modelina	26 Jan 202310:42	–	cvelist

Vulners

Node

asyncapi modelinaRange<1.0.0

Source	Link
github	www.github.com/asyncapi/modelina/security/advisories/GHSA-4jg2-84c2-pj95
nvd	www.nvd.nist.gov/vuln/detail/CVE-2023-23619
github	www.github.com/advisories/GHSA-4jg2-84c2-pj95

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

21 Sep 2021 18:41Current

8.4High risk

Vulners AI Score8.4

CVSS38.8 - 9.9

EPSS0.00151

SSVC

CWE-94