← Back

CVE-2021-23566

nvd nist
Published: Jan 14, 2022Modified: Jun 17, 2026

JSON object

Loading...
5.5
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Exploitability: 1.8 / Impact: 3.6
Source: NVD

Description

The package nanoid from 3.0.0 and before 3.1.31 are vulnerable to Information Exposure via the valueOf() function which allows to reproduce the last id generated.

Affected (1)

Nanoid
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
From 3.0.0 to 3.1.31

References (12)

Source: report@snyk.io
ExploitThird Party Advisory
Source: report@snyk.io
ExploitIssue TrackingPatchThird Party Advisory
Source: report@snyk.io
ExploitThird Party Advisory
Source: report@snyk.io
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitIssue TrackingPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory

Timeline

No history available yet.