nanoid 3.1.25
1 security vulnerability
found in version
3.1.25
Exposure of Sensitive Information to an Unauthorized Actor in nanoid
medium severity CVE-2021-23566
medium severity
CVE-2021-23566
Affected versions:
>= 3.0.0, < 3.1.31
The package nanoid from 3.0.0, before 3.1.31, are vulnerable to Information Exposure via the valueOf() function which allows to reproduce the last id generated.
No license issues detected.
This package version has a license in the source code.
This package version is available.
This package version has not been yanked and is still available for usage.