A timing attacker against ECDSA signature generation is able to obtain information from the secret nonce measuring the time an ECDSA signature generation takes. Current NSS code path has a countermeasure to prevent this know attack since 2011. However it was found that said countermeasure could be completely bypassed. CREATE(Triage):(User=admin) [CVE-2020-12401|https://nvd.nist.gov/vuln/detail/CVE-2020-12401]
