nss is vulnerable to information disclosure. An attacker is able to extract the position of zero and non-zero wNAF digits while nss-certutil tool performs scalar multiplication during the ECDSA signature generation when using the EM side-channel. With the partial information of the ECDSA nonce and given a small number of ECDSA signatures, this information can be used to steal the private key. This vulnerability is similar to CVE-2020-6829.