2 matches found
GHSA-MWCW-C2X4-8C55 Predictable results in nanoid generation when given non-integer values
When nanoid is called with a fractional value, there were a number of undesirable effects: 1. in browser and non-secure, the code infinite loops on while size-- 2. in node, the value of poolOffset becomes fractional, causing calls to nanoid to return zeroes until the pool is next filled 3. if the...
PT-2024-36557
Name of the Vulnerable Software and Affected Versions nanoid versions prior to 5.0.9 nanoid version 3.3.8 is a fixed version, implying versions prior to 3.3.8 are also affected, but since 3.3.8 is mentioned as a fixed version, it indicates that versions before 3.3.8 and between 3.3.8 and 5.0.9 ar...