Steven Madec

**Name of the Vulnerable Software and Affected Versions** PQClean version d03da30 **Description** The issue allows universal forgeries of digital signatures via a template side-channel attack because of intermediate data leakage of one vector. This is related to CRYSTALS-DILITHIUM in Post-Quantum Cryptography Selected Algorithms 2022. **Recommendations** For PQClean version d03da30, consider applying a patch or fix to prevent intermediate data leakage and mitigate the risk of universal forgeries of digital signatures. As a temporary workaround, consider restricting access to the digital signature functionality until a patch is available.