slp-validate@1.1.0 vulnerabilities

JS SLP transaction validator

latest version

1.2.3
latest non vulnerable version

1.2.3
first published

5 years ago
latest version published

4 years ago
licenses detected
- ISC
  >=0
View slp-validate package health on Snyk Advisor Open this link in a new tab

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the slp-validate package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
H Incorrect Comparison slp-validate is a Lightweight SLP validator with pre-broadcast validation and burn protection. Affected versions of this package are vulnerable to Incorrect Comparison. There is a vulnerability to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemingly valid NFT1 child token without burning any of the NFT1 Group token type as is required by the NFT1 specification. How to fix Incorrect Comparison? Upgrade `slp-validate` to version 1.2.2 or higher.	<1.2.2
H Improper Validation slp-validate is a Lightweight SLP validator with pre-broadcast validation and burn protection. Affected versions of this package are vulnerable to Improper Validation. Users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting baton. How to fix Improper Validation? Upgrade `slp-validate` to version 1.2.1 or higher.	<1.2.1

Incorrect Comparison

slp-validate is a Lightweight SLP validator with pre-broadcast validation and burn protection.

Affected versions of this package are vulnerable to Incorrect Comparison. There is a vulnerability to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemingly valid NFT1 child token without burning any of the NFT1 Group token type as is required by the NFT1 specification.

How to fix Incorrect Comparison?

Upgrade slp-validate to version 1.2.2 or higher.

<1.2.2

Improper Validation

slp-validate is a Lightweight SLP validator with pre-broadcast validation and burn protection.

Affected versions of this package are vulnerable to Improper Validation. Users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting baton.

How to fix Improper Validation?

Upgrade slp-validate to version 1.2.1 or higher.

<1.2.1

Go back to all versions of this package

slp-validate@1.1.0 vulnerabilities

JS SLP transaction validator

latest version

latest non vulnerable version

first published

latest version published

licenses detected

Direct Vulnerabilities