GCVE - cpe:2.3:a:n/a:nanoid:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:nanoid:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	N/A (`22f567d3-1203-528c-8f0e-3eb9c2f6ca78`)
Product	Nanoid (`be9eeb13-0167-5669-b0d5-b25729e2ec51`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2021-23566`	vulnerable	2026-06-08 05:30:03.006966	Information Exposure MEDIUM (4) The package nanoid from 3.0.0 and before 3.1.31 are vulnerable to Information Exposure via the valueOf() function which allows to reproduce the last id generated. Published: 2022-01-14T20:05:21.597Z Updated: 2025-11-03T21:44:38.677Z Open on db.gcve.eu Reference links https://snyk.io/vuln/SNYK-JS-NANOID-2332193 https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2332550 https://gist.github.com/artalar/bc6d1eb9a3477d15d2772e876169a444 https://github.com/ai/nanoid/commit/2b7bd9332bc49b6330c7ddb08e5c661833db2575 https://github.com/ai/nanoid/pull/328	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.