EUVD-2022-0677

Malicious code in bioql PyPI...

GHSA-QRPM-P2H7-HRV2 Exposure of Sensitive Information to an Unauthorized Actor in nanoid

The package nanoid from 3.0.0, before 3.1.31, are vulnerable to Information Exposure via the valueOf function which allows to reproduce the last id generated...

DEBIAN-CVE-2021-23566

The package nanoid from 3.0.0 and before 3.1.31 are vulnerable to Information Exposure via the valueOf function which allows to reproduce the last id generated...

UBUNTU-CVE-2021-23566

The package nanoid from 3.0.0 and before 3.1.31 are vulnerable to Information Exposure via the valueOf function which allows to reproduce the last id generated...

nanoid 代码问题漏洞

nanoid is a small, secure, URL-friendly, unique string ID generator for JavaScript. nanoid is vulnerable, stemming from nanoid's vulnerability to information exposure via the valueOf function, which allows the last generated id to be reproduced. no details of the vulnerability are currently...

PT-2022-9413 · Nanoid · Nanoid

Name of the Vulnerable Software and Affected Versions: nanoid versions 3.0.0 through 3.1.30 Description: The issue allows for Information Exposure via the valueOf function, enabling the reproduction of the last generated id. Recommendations: For nanoid versions 3.0.0 through 3.1.30, update to...

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure via the valueOf function which allows to reproduce the last id generated. PoC javascript import nanoid from 'nanoid'; const makeProxyNumberToReproducePreviousID = = let step = 0; return valueOf // // if !pool ||...