Ján Jančár

**Name of the Vulnerable Software and Affected Versions** EU Technical Specifications for Digital COVID Certificates versions prior to 1.1 **Description** The issue concerns the mishandling of certificate governance, potentially allowing a non-production public key certificate to be used in production. **Recommendations** For versions prior to 1.1, ensure proper certificate governance to prevent the use of non-production public key certificates in production environments.

**Name of the Vulnerable Software and Affected Versions** wolfSSL and wolfCrypt versions 4.1.0 and earlier **Description** The issue allows a remote attacker to compute the long term private key from several hundred DSA signatures via a lattice attack. This occurs because the `dsa.c` file fixes two bits of the generated nonces, leading to biased DSA nonces. **Recommendations** For versions 4.1.0 and earlier, consider updating to a version that generates unbiased DSA nonces to prevent lattice attacks. As a temporary workaround, restrict the use of DSA signatures until a patch is available.

Name of the Vulnerable Software and Affected Versions: Botan versions prior to 2.9.0 Description: A side-channel issue was discovered that affects the ECC key generation process. An attacker capable of precisely measuring the time taken for key generation may be able to derive information about the high bits of the secret key. This is due to the use of an unblinded Montgomery ladder in the function to derive the public point from the secret scalar, whose loop iteration count depends on the bitlength of the secret. This issue only affects key generation and does not impact ECDSA signatures or ECDH key agreement. Recommendations: For versions prior to 2.9.0, update to version 2.9.0 or later to resolve the issue. As a temporary workaround, consider implementing timing-based mitigations to minimize the risk of exploitation.