Fixed Version Released for Nano ID Due to Non-Integer Value Mishandling
CVE-2024-55565

Currently unrated

Key Information:

Vendor: nanoid
Vendor: CVE Published:; 9 December 2024

Summary

nanoid (aka Nano ID) before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version.

References

https://github.com/ai/nanoid/pull/510

https://github.com/ai/nanoid/releases/tag/5.0.9

https://github.com/ai/nanoid/compare/3.3.7...3.3.8

Timeline

Vulnerability published
Dec 9, 2024
Vulnerability Reserved
Dec 9, 2024

.