13 matches found
CVE-2020-15131
In SLP Validate npm package slp-validate before version 1.2.2, there is a vulnerability to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemingly valid NFT1 child token without burning any ...
CVE-2020-15130
In SLPJS npm package slpjs before version 0.27.4, there is a vulnerability to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemingly valid NFT1 child token without burning any of the NFT1...
Input validation
In SLP Validate npm package slp-validate before version 1.2.2, there is a vulnerability to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemingly valid NFT1 child token without burning any ...
GHSA-6JMR-JFH7-XG3H False-positive validity for NFT1 genesis transactions
Impact In the npm package named "slp-validate", versions prior to 1.2.2 are vulnerable to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemingly valid NFT1 child token without burning any o...
False-positive validity for NFT1 genesis transactions
Impact In the npm package named "slp-validate", versions prior to 1.2.2 are vulnerable to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemingly valid NFT1 child token without burning any o...
GHSA-CC2P-4JHR-XHHX False-positive validity for NFT1 genesis transactions in SLPJS
Impact In the npm package named "slpjs", versions prior to 0.27.4 are vulnerable to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemingly valid NFT1 child token without burning any of the...
CVE-2020-11071
SLPJS npm package slpjs before version 0.27.2, has a vulnerability where users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting...
CVE-2020-11072
In SLP Validate npm package slp-validate before version 1.2.1, users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting baton. Th...
CVE-2020-11071
SLPJS npm package slpjs before version 0.27.2, has a vulnerability where users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting...
Input validation
In SLP Validate npm package slp-validate before version 1.2.1, users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting baton. Th...
False-negative validation results in MINT transactions with invalid baton
Impact Users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting baton. Patches npm package slp-validate has been patched and...
False-negative validation results in MINT transactions with invalid baton
Impact Users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting baton. Patches npm package slpjs has been patched and published a...
CVE-2020-11071
CVE-2020-11071 concerns the SLPJS npm package (slpjs) prior to version 0.27.2, describing a vulnerability in which false‑negative validation outcomes for MINT transaction operations could permit spending of affected tokens, potentially destroying a user’s minting baton. The issue is fixed in vers...