{
  "_class" : "io.jenkins.plugins.analysis.core.restapi.ReportApi",
  "issues" : [
    {
      "addedAt" : 0,
      "authorEmail" : "-",
      "authorName" : "-",
      "baseName" : "bcpkix-jdk18on-1.78.1.jar",
      "category" : "",
      "columnEnd" : 0,
      "columnStart" : 0,
      "commit" : "-",
      "description" : "",
      "fileName" : "/usr/local/tomcat/webapps/govwayAPIMonitor.war/WEB-INF/lib/bcpkix-jdk18on-1.78.1.jar",
      "fingerprint" : "FALLBACK-79f4fe14",
      "lineEnd" : 1,
      "lineStart" : 1,
      "message" : "CVE-2025-8916: LanguageSpecificPackageVulnerability\u000a\u000aorg.bouncycastle: BouncyCastle denial of service\u000a\u000aFor additional help see: **Vulnerability CVE-2025-8916**\u000a| Severity | Package | Fixed Version | Link |\u000a| --- | --- | --- | --- |\u000a|MEDIUM|org.bouncycastle:bcpkix-jdk18on|1.79|[CVE-2025-8916](https://avd.aquasec.com/nvd/cve-2025-8916)|\u000a\u000aAllocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bcpkix, bcprov, bcpkix-fips on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files  https://github.Com/bcgit/bc-java/blob/main/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCertP... https://github.Com/bcgit/bc-java/blob/main/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCertPathReviewer.java ,  https://github.Com/bcgit/bc-java/blob/main/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathRevi... https://github.Com/bcgit/bc-java/blob/main/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathReviewer.java .\u000a\u000aThis issue affects Bouncy Castle for Java: from BC 1.44 through 1.78, from BCPKIX FIPS 1.0.0 through 1.0.7, from BCPKIX FIPS 2.0.0 through 2.0.7.\u000a\u000aPackage: org.bouncycastle:bcpkix-jdk18on\u000aInstalled Version: 1.78.1\u000aVulnerability CVE-2025-8916\u000aSeverity: MEDIUM\u000aFixed Version: 1.79\u000aLink: [CVE-2025-8916](https://avd.aquasec.com/nvd/cve-2025-8916)",
      "moduleName" : "",
      "origin" : "trivy",
      "originName" : "Trivy Security Scanner",
      "packageName" : "-",
      "reference" : "1278",
      "severity" : "NORMAL",
      "toString" : "bcpkix-jdk18on-1.78.1.jar(1,0): CVE-2025-8916: : CVE-2025-8916: LanguageSpecificPackageVulnerability\u000a\u000aorg.bouncycastle: BouncyCastle denial of service\u000a\u000aFor additional help see: **Vulnerability CVE-2025-8916**\u000a| Severity | Package | Fixed Version | Link |\u000a| --- | --- | --- | --- |\u000a|MEDIUM|org.bouncycastle:bcpkix-jdk18on|1.79|[CVE-2025-8916](https://avd.aquasec.com/nvd/cve-2025-8916)|\u000a\u000aAllocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bcpkix, bcprov, bcpkix-fips on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files  https://github.Com/bcgit/bc-java/blob/main/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCertP... https://github.Com/bcgit/bc-java/blob/main/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCertPathReviewer.java ,  https://github.Com/bcgit/bc-java/blob/main/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathRevi... https://github.Com/bcgit/bc-java/blob/main/prov/src/main/java/org/bouncycastle/x509/PKIXCertPathReviewer.java .\u000a\u000aThis issue affects Bouncy Castle for Java: from BC 1.44 through 1.78, from BCPKIX FIPS 1.0.0 through 1.0.7, from BCPKIX FIPS 2.0.0 through 2.0.7.\u000a\u000aPackage: org.bouncycastle:bcpkix-jdk18on\u000aInstalled Version: 1.78.1\u000aVulnerability CVE-2025-8916\u000aSeverity: MEDIUM\u000aFixed Version: 1.79\u000aLink: [CVE-2025-8916](https://avd.aquasec.com/nvd/cve-2025-8916)",
      "type" : "CVE-2025-8916"
    }
  ],
  "size" : 1,
  "toString" : "1 warning (normal: 1)"
}