ai/nanoid

Releases118

Frequency3 weeks 6 days

Last Release about 1 month ago

Stars26.8K

A tiny (118 bytes), secure, URL-friendly, unique string ID generator for JavaScript

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-55565 ↗	Dec 9, 2024Monday, 9 December 2024, 02:15	4.3 MEDIUM	—
nanoid (aka Nano ID) before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version.
CVE-2021-23566 ↗	Jan 14, 2022Friday, 14 January 2022, 20:15	4 MEDIUM	2.1 LOW
The package nanoid from 3.0.0 and before 3.1.31 are vulnerable to Information Exposure via the valueOf() function which allows to reproduce the last id generated.