Critical severityNVD Advisory· Published Jul 30, 2020· Updated Aug 4, 2024
False-positive validity for NFT1 genesis transactions in SLP Validate
CVE-2020-15131
Description
In SLP Validate (npm package slp-validate) before version 1.2.2, there is a vulnerability to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemingly valid NFT1 child token without burning any of the NFT1 Group token type as is required by the NFT1 specification. This is fixed in version 1.2.2.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
slp-validatenpm | < 1.2.2 | 1.2.2 |
Affected products
2- Range: < 1.2.2
Patches
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
4- github.com/advisories/GHSA-6jmr-jfh7-xg3hghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-15131ghsaADVISORY
- github.com/simpleledger/slp-validate.js/commit/3963cf914afae69084059b82483da916d97af65cghsax_refsource_MISCWEB
- github.com/simpleledger/slp-validate.js/security/advisories/GHSA-6jmr-jfh7-xg3hghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.