Vulnerabilities: 1 via 1 paths
Dependencies: 7
Source: GitHub
Commit: 91845b0b



medium severity

Improper Input Validation

  • Vulnerable module: nanoid
  • Introduced through: nanoid@4.0.2

Detailed paths

  • Introduced through: react-float-menu@prabhuignoto/react-float-menu#91845b0bf41e7e73afc36ecf995739aae25d65c5 › nanoid@4.0.2
    Remediation: Upgrade to nanoid@5.0.9.

Overview

Affected versions of this package are vulnerable to Improper Input Validation because the nanoid function mishandles fractional values. An attacker who exploits this vulnerability can cause an infinite loop.

Remediation

Upgrade nanoid to version 3.3.8, 5.0.9 or higher.
