SLPJS (npm package slpjs) before version 0.27.2, has a vulnerability where users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a users minting baton. This is fixed in version 0.27.2.
The product compares two entities in a security-relevant context, but the comparison is incorrect, which may lead to resultant weaknesses.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Slpjs | Simpleledger | * | 0.27.2 (excluding) |
This Pillar covers several possibilities: