VDB
DEBIAN-CVE-2021-23566
DEBIAN-CVE-2021-23566
PUBLISHED
CVSS 5.5 MEDIUM
The package nanoid from 3.0.0 and before 3.1.31 are vulnerable to Information Exposure via the valueOf() function which allows to reproduce the last id generated.
Risk Scores
CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:14 | node-mocha | 0, 0, 0 |
| Debian:12 | node-postcss | 0, 0, 0 |
| Debian:13 | node-mocha | 0, 0, 0 |
| Debian:11 | node-mocha | 8.2.1+ds1+~cs29.4.27-3, 0, 8.2.1+ds1 |
| Debian:11 | node-postcss | *, 0, 0 |
| Debian:13 | node-postcss | 0, 0, 0 |
| Debian:14 | node-postcss | 0, 0, 0 |
| Debian:12 | node-mocha | 0, 0, 0 |
Timeline
- Jan 14, 2022 CVE Published
- Apr 28, 2026 CVE Updated