← Back

Relic Project

relic_project

5 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Relic
relic
5 CVEs

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-51939
1Relic Project
1Relic
Jun 17, 2026
Feb 1, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
An issue in the cp_bbs_sig function in relic/src/cp/relic_cp_bbs.c of Relic relic-toolkit 0.6.0 allows a remote attacker to obtain sensitive information and escalate privileges via the cp_bbs_sig function.
CVE-2023-36327
1Relic Project
1Relic
Jun 17, 2026
Sep 1, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Integer Overflow vulnerability in RELIC before commit 421f2e91cf2ba42473d4d54daf24e295679e290e, allows attackers to execute arbitrary code and cause a denial of service in pos argument in bn_get_prime function.
CVE-2023-36326
1Relic Project
1Relic
Jun 17, 2026
Sep 1, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Integer Overflow vulnerability in RELIC before commit 34580d840469361ba9b5f001361cad659687b9ab, allows attackers to execute arbitrary code, cause a denial of service, and escalate privileges when calling realloc function...Show more
Integer Overflow vulnerability in RELIC before commit 34580d840469361ba9b5f001361cad659687b9ab, allows attackers to execute arbitrary code, cause a denial of service, and escalate privileges when calling realloc function in bn_grow function.Show less
CVE-2020-36316
1Relic Project
1Relic
Jun 17, 2026
Apr 7, 2021
N/A· v4
5.5 MEDIUM· v3
4.3 MEDIUM· v2
In RELIC before 2021-04-03, there is a buffer overflow in PKCS#1 v1.5 signature verification because garbage bytes can be present.
CVE-2020-36315
1Relic Project
1Relic
Jun 17, 2026
Apr 7, 2021
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
In RELIC before 2020-08-01, RSA PKCS#1 v1.5 signature forgery can occur because certain checks of the padding (and of the first two bytes) are inadequate. NOTE: this requires that a low public exponent (such as 3) is bei...Show more
In RELIC before 2020-08-01, RSA PKCS#1 v1.5 signature forgery can occur because certain checks of the padding (and of the first two bytes) are inadequate. NOTE: this requires that a low public exponent (such as 3) is being used. The product, by default, does not generate RSA keys with such a low number.Show less