Botan Project: >> Botan >> 1.11.28 Security Vulnerabilities
Botan before 1.10.13 and 1.11.x before 1.11.29 do not use a constant-time algorithm to perform a modular inverse on the signature nonce k, which might allow remote attackers to obtain ECDSA secret keys via a timing side-channel attack.
CVSS Score
7.5
EPSS Score
0.006
Published
2016-05-13
Page 2