@achinet/nestjs-async (>=0.0.1 <=0.2.0), @aligov/clark-core (>=3.0.0 <=3.0.1) +85 more potentially affected by unknown CVE via @asyncapi/avro-schema-parser (=3.0.24)

@asyncapi/avro-schema-parser NPM version =3.0.24 is affected by a known vulnerability. The following packages have a transitive dependency on @asyncapi/avro-schema-parser and may be impacted: - @achinet/nestjs-async =0.0.1, =3.0.0, =0.2.44, =4.1.3, =0.7.1, =0.9.0, =1.10.0, =0.2.0, =0.1.0, =0.2.13...

EUVD-2025-198640

Malicious code in @asyncapi/avro-schema-parser npm...

@achinet/nestjs-async (>=0.0.1 <=0.2.0), @aligov/clark-core (>=3.0.0 <=3.0.1) +85 more potentially affected by unknown CVE via @asyncapi/avro-schema-parser (=3.0.24)

@asyncapi/avro-schema-parser NPM version =3.0.24 is affected by a known vulnerability. The following packages have a transitive dependency on @asyncapi/avro-schema-parser and may be impacted: - @achinet/nestjs-async =0.0.1, =3.0.0, =0.2.44, =4.1.3, =0.7.1, =0.9.0, =1.10.0, =0.2.0, =0.1.0, =0.2.13...