npm package
@asyncapi/java-spring-cloud-stream-template
pkg:npm/%40asyncapi/java-spring-cloud-stream-template
Malware
2 malicious versions on record
One or more versions of this package have been flagged as containing malicious code. Audit any system that installed an affected version.
- MAL-2025-190715Malicious code in @asyncapi/java-spring-cloud-stream-template (npm)Nov 24, 2025
- GHSA-5m67-23v4-2wghMalware in @asyncapi/java-spring-cloud-stream-templateNov 24, 2025
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-37694 | — | < 0.7.0 | 0.7.0 | Aug 11, 2021 | @asyncapi/java-spring-cloud-stream-template generates a Spring Cloud Stream (SCSt) microservice. In versions prior to 0.7.0 arbitrary code injection was possible when an attacker controls the AsyncAPI document. An example is provided in GHSA-xj6r-2jpm-qvxp. There are no mitigatio |
- CVE-2021-37694Aug 11, 2021affected < 0.7.0fixed 0.7.0
@asyncapi/java-spring-cloud-stream-template generates a Spring Cloud Stream (SCSt) microservice. In versions prior to 0.7.0 arbitrary code injection was possible when an attacker controls the AsyncAPI document. An example is provided in GHSA-xj6r-2jpm-qvxp. There are no mitigatio