CVE-2020-15131
Incorrect Comparison in npm/slp-validate
Identifiers
CVE-2020-15131, GHSA-6jmr-jfh7-xg3h
Package Slug
npm/slp-validate
Vulnerability
Incorrect Comparison
Description
In SLP Validate (npm package slp-validate), there is a vulnerability to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemingly valid NFT1 child token without burning any of the NFT1 Group token type as is required by the NFT1 specification.
Affected Versions
All versions before 1.2.2
Solution
Upgrade to version 1.2.2 or above.
Last Modified
2020-08-05
| source |