Vulnerabilities (CVE)

Filtered by vendor Relic Project Subscribe

Filtered by product Relic

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-36315	1 Relic Project	1 Relic	2022-07-12	5.0 MEDIUM	5.3 MEDIUM
In RELIC before 2020-08-01, RSA PKCS#1 v1.5 signature forgery can occur because certain checks of the padding (and of the first two bytes) are inadequate. NOTE: this requires that a low public exponent (such as 3) is being used. The product, by default, does not generate RSA keys with such a low number.
CVE-2020-36316	1 Relic Project	1 Relic	2021-04-16	4.3 MEDIUM	5.5 MEDIUM
In RELIC before 2021-04-03, there is a buffer overflow in PKCS#1 v1.5 signature verification because garbage bytes can be present.