Skip to main content

Incorrect Comparison

CVE-2020-11071

Severity High
Score 8.6/10

Summary

SLPJS (npm package slpjs) before version 0.27.2, has a vulnerability where users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting baton. This is fixed in version 0.27.2.

  • LOW
  • NETWORK
  • HIGH
  • CHANGED
  • NONE
  • NONE
  • NONE
  • NONE

CWE-697 - Incorrect Comparison

The software compares two entities in a security-relevant context, but the comparison is incorrect, which may lead to resultant weaknesses.

References

Advisory Timeline

  • Published