Debian Node-Mocha vulnerabilities
2 known vulnerabilities affecting debian/node-mocha.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2024-55565MEDIUMCVSS 4.3fixed in node-mocha 9.1.4+ds1+~cs28.2.8-1 (bookworm)2024
CVE-2024-55565 [MEDIUM] CVE-2024-55565: node-mocha - nanoid (aka Nano ID) before 5.0.9 mishandles non-integer values. 3.3.8 is also a...
nanoid (aka Nano ID) before 5.0.9 mishandles non-integer values. 3.3.8 is also a fixed version.
Scope: local
bookworm: resolved (fixed in 9.1.4+ds1+~cs28.2.8-1)
bullseye: resolved (fixed in 8.2.1+ds1+~cs29.4.27-3+deb11u1)
forky: resolved (fixed in 9.1.4+ds1+~cs28.2.8-1)
sid: resolved (fixed in 9.1.4+ds1+~cs28.2.8-1)
trixie: resolved (fixed in 9.1.4+ds1+~cs28.2.
debian
CVE-2021-23566MEDIUMCVSS 4.0fixed in node-mocha 9.1.4+ds1+~cs28.2.8-1 (bookworm)2021
CVE-2021-23566 [MEDIUM] CVE-2021-23566: node-mocha - The package nanoid from 3.0.0 and before 3.1.31 are vulnerable to Information Ex...
The package nanoid from 3.0.0 and before 3.1.31 are vulnerable to Information Exposure via the valueOf() function which allows to reproduce the last id generated.
Scope: local
bookworm: resolved (fixed in 9.1.4+ds1+~cs28.2.8-1)
bullseye: resolved (fixed in 8.2.1+ds1+~cs29.4.27-3+deb11u1)
forky: resolved (fixed in 9.1.4+ds1+~cs28.2.8-1)
sid: resolved (fixed in 9
debian