@asyncapi-actions-test/trusted-publishing-test_asyncapi-cli (>=4.1.3 <=5.4.0), @asyncapi/cli (>=3.3.0 <=6.0.0) +3 more potentially affected by unknown CVE via @asyncapi/problem (=1.0.0)

@asyncapi/problem NPM version =1.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on @asyncapi/problem and may be impacted: - @asyncapi-actions-test/trusted-publishing-testasyncapi-cli =4.1.3, =3.3.0, =0.16.0, =1.4.14, =1.4.39 -...

EUVD-2025-198691

Malicious code in @asyncapi/cli npm...

Malicious code in @asyncapi/cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45b13eec1644f2d38922b7e61732a64ae6ee0d71810232ff15c95a3290de465d The package @asyncapi/cli was found to contain malicious code. Source: ghsa-malware 99e5bdb2a7d429f7e01403c432963826b244c3bed02a5a877ace1307b5fee3ad...

@asyncapi/cli (>=2.5.0 <=4.1.1), @asyncapi/generator (>=2.1.3 <=2.11.0) +3 more potentially affected by unknown CVE via @asyncapi/nunjucks-filters (=2.1.0)

@asyncapi/nunjucks-filters NPM version =2.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on @asyncapi/nunjucks-filters and may be impacted: - @asyncapi/cli =2.5.0, =2.1.3, =2.1.4, =0.1.0, =0.1.469 - nestjs-asyncapi =2.0.1 Source cves: unknown CVE...

@asyncapi/cli (>=0.21.0 <=0.27.3), @asyncapi/dotnet-nats-template (>=0.2.0 <=0.8.4) +9 more potentially affected by CVE-2023-23619 via @asyncapi/modelina (>=0.11.0 <=0.9.0)

@asyncapi/modelina NPM version =0.11.0, =0.21.0, =0.2.0, =0.1.8, =0.3.33, =0.4.0, =0.0.1, =0.0.1, =0.1.0, =0.1.7 Source cves: CVE-2023-23619 Source advisory: OSV:GHSA-4JG2-84C2-PJ95...