VDB

DEBIAN-CVE-2021-23566

DEBIAN-CVE-2021-23566 PUBLISHED CVSS 5.5 MEDIUM

The package nanoid from 3.0.0 and before 3.1.31 are vulnerable to Information Exposure via the valueOf() function which allows to reproduce the last id generated.

Risk Scores

CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products

VendorProductVersions
Debian:14node-mocha0, 0, 0
Debian:12node-postcss0, 0, 0
Debian:13node-mocha0, 0, 0
Debian:11node-mocha8.2.1+ds1+~cs29.4.27-3, 0, 8.2.1+ds1
Debian:11node-postcss*, 0, 0
Debian:13node-postcss0, 0, 0
Debian:14node-postcss0, 0, 0
Debian:12node-mocha0, 0, 0

Timeline

  • Jan 14, 2022 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›