npm package
@asyncapi/modelina
pkg:npm/%40asyncapi/modelina
Malware
2 malicious versions on record
One or more versions of this package have been flagged as containing malicious code. Audit any system that installed an affected version.
- MAL-2025-190638Malicious code in @asyncapi/modelina (npm)Nov 24, 2025
- GHSA-8x8q-8r37-g7g5Malware in @asyncapi/modelinaNov 24, 2025
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-23619 | — | < 1.0.0 | 1.0.0 | Jan 26, 2023 | Modelina is a library for generating data models based on inputs such as AsyncAPI, OpenAPI, or JSON Schema documents. Versions prior to 1.0.0 are vulnerable to Code injection. This issue affects anyone who is using the default presets and/or does not handle the functionality them |
- CVE-2023-23619Jan 26, 2023affected < 1.0.0fixed 1.0.0
Modelina is a library for generating data models based on inputs such as AsyncAPI, OpenAPI, or JSON Schema documents. Versions prior to 1.0.0 are vulnerable to Code injection. This issue affects anyone who is using the default presets and/or does not handle the functionality them