CVE-2020-15131

Name of the Vulnerable Software and Affected Versions slp-validate versions prior to 1.2.2

Description The issue concerns false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemingly valid NFT1 child token without burning any of the NFT1 Group token type as required by the NFT1 specification.

Recommendations Upgrade to slp-validate version 1.2.2 to resolve the issue. As a temporary workaround, consider avoiding the use of the vulnerable validation mechanism for NFT1 Child Genesis transactions until the update is applied.