In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsUpgrade com.ongres.scram:scram-common to version 3.3 or higher.
Affected versions of this package are vulnerable to Not Failing Securely ('Failing Open') in the TlsServerEndpoint process when a server presents an X.509 certificate using a modern signature algorithm lacking traditional naming structures. An attacker can bypass strict client-side enforcement policies by performing a TLS man-in-the-middle attack that silently downgrades authentication from channel-bound to non-channel-bound modes. This is only exploitable if the downstream application layer explicitly enforces strict channel binding enforcement.