CVE-2020-11072

Name of the Vulnerable Software and Affected Versions slp-validate versions prior to 1.2.1 slpjs version 0.27.2 and earlier

Description The issue concerns false-negative validation outcomes for MINT transaction operations, which could allow spending of affected tokens and result in the destruction of a user's minting baton. This is due to a poorly implemented SLP wallet.

Recommendations For slp-validate versions prior to 1.2.1, upgrade to version 1.2.1 to resolve the issue. For slpjs version 0.27.2 and earlier, upgrade to a version that includes the related fix. At the moment, there is no information about a newer version that contains a fix for this vulnerability for slpjs.