3 matches found
CVE-2020-11071
CVE-2020-11071 concerns the SLPJS npm package (slpjs) prior to version 0.27.2, describing a vulnerability in which false‑negative validation outcomes for MINT transaction operations could permit spending of affected tokens, potentially destroying a user’s minting baton. The issue is fixed in vers...
CVE-2019-16762
CVE-2019-16762 describes a discrepancy between SLP consensus rules and slpjs validation caused by specially crafted Bitcoin scripts, enabling a potential hard-fork from the SLP consensus. Multiple linked sources identify slpjs as the affected component and show that upgrading to version 0.21.4 or...
CVE-2020-15130
CVE-2020-15130 affects the npm package slpjs prior to version 0.27.4, causing a vulnerability where NFT1 Child Genesis transactions could be validated as valid without burning the required NFT1 Group tokens. Root cause: incorrect/poor validation logic in SLPJS that allows false‑positive outcomes....