Lucene search
GoogleOSV:CVE-2020-11072HistoryMay 12, 2020 - 1:15 a.m.
CVE-2020-11072
2020-05-1201:15:11
Google
osv.dev
2
In SLP Validate (npm package slp-validate) before version 1.2.1, users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user’s minting baton. This has been fixed in slp-validate in version 1.2.1. Additonally, slpjs version 0.27.2 has a related fix under related CVE-2020-11071.
| CPE | Name | Operator | Version |
|---|---|---|---|
| slp-validate | eq | 1.1.1 | |
| slp-validate | eq | 1.0.0 | |
| slp-validate | eq | 1.1.2 | |
| slp-validate | eq | 1.1.0 | |
| slp-validate | eq | 1.0.1 |
Related
cvelist
cvelist
prion
prion
Input validation
2020-05-12 01:15:00
Input validation
2020-05-12 01:15:00
cve
cve
CVE-2020-11072
2020-05-12 01:15:11
CVE-2020-11071
2020-05-12 01:15:11
nvd
nvd
CVE-2020-11072
2020-05-12 01:15:11
CVE-2020-11071
2020-05-12 01:15:11
veracode
veracode
Denial Of Service (DoS)
2020-05-13 03:39:25
Denial Of Service (DoS)
2020-05-13 01:23:33
github
github
False-negative validation results in MINT transactions with invalid baton
2020-05-12 00:45:24
False-negative validation results in MINT transactions with invalid baton
2020-05-12 00:39:03
osv
osv
CVE-2020-11071
2020-05-12 01:15:11
False-negative validation results in MINT transactions with invalid baton
2020-05-12 00:45:24
False-negative validation results in MINT transactions with invalid baton
2020-05-12 00:39:03