VYPR
Vendor

AsyncAPI

Products
2
CVEs
2
Across products
2
Status
Private

Products

2

Recent CVEs

2
  • CVE-2023-23619CriJan 26, 2023
    risk 0.64cvss 9.9epss 0.01

    Modelina is a library for generating data models based on inputs such as AsyncAPI, OpenAPI, or JSON Schema documents. Versions prior to 1.0.0 are vulnerable to Code injection. This issue affects anyone who is using the default presets and/or does not handle the functionality…

  • CVE-2021-37694HigAug 11, 2021
    risk 0.57cvss 8.7epss 0.01

    @asyncapi/java-spring-cloud-stream-template generates a Spring Cloud Stream (SCSt) microservice. In versions prior to 0.7.0 arbitrary code injection was possible when an attacker controls the AsyncAPI document. An example is provided in GHSA-xj6r-2jpm-qvxp. There are no…