slpjs

npm3 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting slpjspage 1 of 1

CVE-2019-16762MEDIUMCVSS 5.7EG 5.7✓ Fixed in 0.21.4
2019-11-15
A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the slpjs npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-f…
CVE-2020-11071HIGHCVSS 8.6EG 8.6✓ Fixed in 0.27.2
2020-05-12
SLPJS (npm package slpjs) before version 0.27.2, has a vulnerability where users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected toke…
CVE-2020-15130HIGHCVSS 7.5EG 7.5✓ Fixed in 0.27.4
2020-07-30
In SLPJS (npm package slpjs) before version 0.27.4, there is a vulnerability to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemin…

Check whether slpjs is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for slpjs CVEs against the assets you own.

Start Free Scan →