Vulnerability	Vulnerable Version
M Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') io.quarkus:quarkus-grpc is a Cloud Native, (Linux) Container First framework for writing Java applications. Affected versions of this package are vulnerable to Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') such that the TLS protocol configured with `quarkus.http.ssl.protocols` is not enforced, and the client can force the selection of the weaker supported TLS protocol. How to fix Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')? Upgrade `io.quarkus:quarkus-grpc` to version 2.16.8.Final, 3.2.1.Final or higher.	[,2.16.8.Final)[3.0.0.Alpha1,3.2.1.Final)

Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')

io.quarkus:quarkus-grpc is a Cloud Native, (Linux) Container First framework for writing Java applications.

Affected versions of this package are vulnerable to Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') such that the TLS protocol configured with quarkus.http.ssl.protocols is not enforced, and the client can force the selection of the weaker supported TLS protocol.

How to fix Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade')?

Upgrade io.quarkus:quarkus-grpc to version 2.16.8.Final, 3.2.1.Final or higher.

[,2.16.8.Final)[3.0.0.Alpha1,3.2.1.Final)

Go back to all versions of this package