@achinet/nestjs-async (>=0.1.0 <=0.2.0), @asyncapi-actions-test/trusted-publishing-test_asyncapi-cli (>=4.1.3 <=5.4.0) +14 more potentially affected by unknown CVE via @asyncapi/modelina (=5.10.1)

@asyncapi/modelina NPM version =5.10.1 is affected by a known vulnerability. The following packages have a transitive dependency on @asyncapi/modelina and may be impacted: - @achinet/nestjs-async =0.1.0, =4.1.3, =2.5.0, =2.8.3, =0.2.0, =5.2.2, =0.54.0, =1.4.14, =1.8.0, =2.0.0, =0.1.0, =0.48.0,...

@asyncapi/cli (>=0.21.0 <=0.27.3), @asyncapi/dotnet-nats-template (>=0.2.0 <=0.8.4) +9 more potentially affected by CVE-2023-23619 via @asyncapi/modelina (>=0.11.0 <=0.9.0)

@asyncapi/modelina NPM version =0.11.0, =0.21.0, =0.2.0, =0.1.8, =0.3.33, =0.4.0, =0.0.1, =0.0.1, =0.1.0, =0.1.7 Source cves: CVE-2023-23619 Source advisory: OSV:GHSA-4JG2-84C2-PJ95...

PT-2021-24347 · Modelina · Modelina

Name of the Vulnerable Software and Affected Versions: Modelina versions prior to 1.0.0 Description: Modelina is a library for generating data models based on inputs such as AsyncAPI, OpenAPI, or JSON Schema documents. This issue affects anyone who is using the default presets and/or does not...