VIR Vulnerability Intelligence Relay

Package impact

npm npm / nanoid

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2024-55565 unknown 2y ago nanoid (aka Nano ID) before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version. debiannpm
CVE-2021-23566 unknown 4y ago The package nanoid from 3.0.0 and before 3.1.31 are vulnerable to Information Exposure via the valueOf() function which allows to reproduce the last id generated. debiannpm