33 matches found
CVE-2019-16762
A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the slpjs npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. Affected users can upgrade to...
EUVD-2019-0725
Malware in sbrugna...
EUVD-2020-0550
Malware in sbrugna...
EUVD-2020-0427
Malware in sbrugna...
EUVD-2020-0410
Malware in sbrugna...
CVE-2020-15130
In SLPJS npm package slpjs before version 0.27.4, there is a vulnerability to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemingly valid NFT1 child token without burning any of the NFT1...
CVE-2020-11071
SLPJS npm package slpjs before version 0.27.2, has a vulnerability where users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting...
CVE-2020-15130
In SLPJS npm package slpjs before version 0.27.4, there is a vulnerability to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemingly valid NFT1 child token without burning any of the NFT1...
CVE-2020-15130
In SLPJS npm package slpjs before version 0.27.4, there is a vulnerability to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemingly valid NFT1 child token without burning any of the NFT1...
Input validation
In SLPJS npm package slpjs before version 0.27.4, there is a vulnerability to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemingly valid NFT1 child token without burning any of the NFT1...
CVE-2020-15130
CVE-2020-15130 affects the npm package slpjs prior to version 0.27.4, causing a vulnerability where NFT1 Child Genesis transactions could be validated as valid without burning the required NFT1 Group tokens. Root cause: incorrect/poor validation logic in SLPJS that allows false‑positive outcomes....
CVE-2020-15130 False-positive validity for NFT1 genesis transactions in SLPJS
In SLPJS npm package slpjs before version 0.27.4, there is a vulnerability to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemingly valid NFT1 child token without burning any of the NFT1...
False-positive validity for NFT1 genesis transactions in SLPJS
Impact In the npm package named "slpjs", versions prior to 0.27.4 are vulnerable to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemingly valid NFT1 child token without burning any of the...
bch-wallet-plugin-postoffice (>=1.0.0 <=1.0.8), bitcoin-wallet-api (>=0.0.5 <=0.1.6) potentially affected by CVE-2020-15130 via slpjs (>=0.22.5 <=0.23.3)
slpjs NPM version =0.22.5, =1.0.0, =0.0.5, =0.1.6 Source cves: CVE-2020-15130 Source advisory: OSV:GHSA-CC2P-4JHR-XHHX...
slpjs Input Validation Error Vulnerability
slpjs is a JavaScript library for validating and building the Simple Ledger Protocol SLP. An input validation error vulnerability exists in versions of slpjs prior to 0.21.4. The vulnerability stems from a network system or product that does not properly validate input data...
Denial Of Service (DoS)
slpjs is vulnerable to denial of service. A false-negative validation outcome for the MINT transaction operations due to an insecure implementation of the SLP wallet allows spending of affected tokens that would result in the desctruction of a user's minting baton...
CVE-2020-11071
SLPJS npm package slpjs before version 0.27.2, has a vulnerability where users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting...
CVE-2020-11071
SLPJS npm package slpjs before version 0.27.2, has a vulnerability where users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting...
Input validation
In SLP Validate npm package slp-validate before version 1.2.1, users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting baton. Th...
Input validation
SLPJS npm package slpjs before version 0.27.2, has a vulnerability where users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting...