13 matches found
EUVD-2020-0427
Malware in sbrugna...
EUVD-2020-0410
Malware in sbrugna...
CVE-2020-11071
SLPJS npm package slpjs before version 0.27.2, has a vulnerability where users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting...
Loss of Funds for Users Due to Token Purchase after Maximum Supply
Lines of code Vulnerability details Summary When the token's total supply reaches its maximum, users lose funds when attempting to buy tokens, as the transaction completes without minting new tokens. Vulnerability Details To engage in the voting system, users must acquire tokens directly from the...
After pool is initialized, user can perform a sandwich attack through front-running and back-running mint transaction by calling swap function twice to manipulate initial price to be much different than market price and gain much more of output token than expected
Lines of code Vulnerability details Impact After the following initialize function is called, the pool does not own any of the tokens at that moment since the mint function below is not called yet. When the mint transaction is sent, a malicious user can notice it in the mempool and front-run it b...
Denial Of Service (DoS)
slp-validate is vulnerable to denial of service. A false-negative validation outcome for the MINT transaction operations due to an insecure implementation of the SLP wallet allows spending of affected tokens that would result in the destruction of a user's minting baton...
Denial Of Service (DoS)
slpjs is vulnerable to denial of service. A false-negative validation outcome for the MINT transaction operations due to an insecure implementation of the SLP wallet allows spending of affected tokens that would result in the desctruction of a user's minting baton...
CVE-2020-11071
SLPJS npm package slpjs before version 0.27.2, has a vulnerability where users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting...
CVE-2020-11072
In SLP Validate npm package slp-validate before version 1.2.1, users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting baton. Th...
Input validation
In SLP Validate npm package slp-validate before version 1.2.1, users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting baton. Th...
Input validation
SLPJS npm package slpjs before version 0.27.2, has a vulnerability where users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting...
CVE-2020-11072
In CVE-2020-11072, the npm package slp-validate (before version 1.2.1) could produce false-negative validation outcomes for MINT transactions, enabling a poorly implemented SLP wallet to spend affected tokens and destroy a user’s minting baton. The issue is fixed in slp-validate version 1.2.1. A ...
CVE-2020-11071
CVE-2020-11071 concerns the SLPJS npm package (slpjs) prior to version 0.27.2, describing a vulnerability in which false‑negative validation outcomes for MINT transaction operations could permit spending of affected tokens, potentially destroying a user’s minting baton. The issue is fixed in vers...