Pqclean · Pqclean · CVE-2023-24025
**Name of the Vulnerable Software and Affected Versions**
PQClean version d03da30
**Description**
The issue allows universal forgeries of digital signatures via a template side-channel attack because of intermediate data leakage of one vector. This is related to CRYSTALS-DILITHIUM in Post-Quantum Cryptography Selected Algorithms 2022.
**Recommendations**
For PQClean version d03da30, consider applying a patch or fix to prevent intermediate data leakage and mitigate the risk of universal forgeries of digital signatures. As a temporary workaround, consider restricting access to the digital signature functionality until a patch is available.