@asyncapi/generator is vulnerable to Path Traversal
59
Medium Risk
@asyncapi/generator can map a remote schema base URL to a local folder so $refs are resolved from disk. The resolver builds the local file path by string-replacing the base URL prefix with the mapped folder and reads it without normalizing the result or confirming it stays inside that folder. A malicious AsyncAPI document can use ../ traversal sequences, or a symlink planted under the mapped folder, to make the resolver read files outside the intended directory and pull their contents into the generation process. The fix canonicalizes the resolved path and rejects any reference that escapes the mapped base folder.
You are affected if you are using a version that falls within the vulnerable range and your project enables the mapBaseUrlToFolder option while generating from untrusted AsyncAPI documents.
@asyncapi/generator is vulnerable to Path Traversal in versions 1.7.0 - 3.2.2.
Upgrade the @asyncapi/generator library to the patch version.
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

SOC 2Compliant
ISO 27001Compliant