Sean Devlin

#36557 of 53,624
7.5 Total CVSS
Vulnerabilities · 1
PT-2016-5238
7.5
2016-05-02
Botan · Botan · CVE-2016-2849
**Name of the Vulnerable Software and Affected Versions**

Botan versions prior to 1.10.13

Botan versions 1.11.x prior to 1.11.29

**Description**

The issue is in the modular inverse operation on the signature nonce k in the ECDSA algorithm. The operation does not use a constant-time algorithm, which might allow remote attackers to obtain ECDSA secret keys via a timing side-channel attack.

**Recommendations**

For versions prior to 1.10.13, update to version 1.10.13 or later.

For versions 1.11.x prior to 1.11.29, update to version 1.11.29 or later.