npm package
slp-validate
pkg:npm/slp-validate
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-15131 | — | < 1.2.2 | 1.2.2 | Jul 30, 2020 | In SLP Validate (npm package slp-validate) before version 1.2.2, there is a vulnerability to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemingly valid NFT1 child token w | ||
| CVE-2020-11072 | — | < 1.2.1 | 1.2.1 | May 12, 2020 | In SLP Validate (npm package slp-validate) before version 1.2.1, users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user' | ||
| CVE-2019-16761 | — | >= 1.0.0, < 1.0.1 | 1.0.1 | Nov 15, 2019 | A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the slp-validate@1.0.0 npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. |
- CVE-2020-15131Jul 30, 2020affected < 1.2.2fixed 1.2.2
In SLP Validate (npm package slp-validate) before version 1.2.2, there is a vulnerability to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemingly valid NFT1 child token w
- CVE-2020-11072May 12, 2020affected < 1.2.1fixed 1.2.1
In SLP Validate (npm package slp-validate) before version 1.2.1, users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user'
- CVE-2019-16761Nov 15, 2019affected >= 1.0.0, < 1.0.1fixed 1.0.1
A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the slp-validate@1.0.0 npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus.