CVE-2021-23566

The package nanoid before 3.1.31 are vulnerable to Information Exposure via the valueOf() function which allows to reproduce the last id generated.

Date published : 2022-01-14

https://gist.github.com/artalar/bc6d1eb9a3477d15d2772e876169a444

https://github.com/ai/nanoid/commit/2b7bd9332bc49b6330c7ddb08e5c661833db2575