Cpe Name:
cpe:2.3:a:simpleledger:slpjs:*:*:*:*:*:node.js:*:*
| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2020-15130 |
697 |
|
|
2020-07-30 |
2020-08-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
In SLPJS (npm package slpjs) before version 0.27.4, there is a vulnerability to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemingly valid NFT1 child token without burning any of the NFT1 Group token type as is required by the NFT1 specification. This is fixed in version 0.27.4. |
|
2 |
CVE-2020-11071 |
697 |
|
|
2020-05-12 |
2020-05-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
SLPJS (npm package slpjs) before version 0.27.2, has a vulnerability where users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting baton. This is fixed in version 0.27.2. |
|
3 |
CVE-2019-16762 |
20 |
|
|
2019-11-15 |
2019-11-19 |
4.9 |
None |
Remote |
Medium |
??? |
None |
Partial |
Partial |
|
A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the slpjs npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. Affected users can upgrade to any version >= 0.21.4. |
Total number of vulnerabilities :
3
Page :
1
(This Page)
