Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-54838

OWASP Dependency-Check plugin loses trace of bcprov-jdk15on.jar vulnerabilities

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      We're using the Dependency-Check Jenkins plugin version 3.3.4 to analyze our software and are experimenting a buggy behavior. Every time we do a scan the plugin says that we got: 

      12 new vulnerabilities
      12 Fixed vulnerabilities

      And the problem is that all of them are the same vulnerabilities, scan after scan, related to the Bouncy Castle provider: bcprov-jdk15on.jar

        Attachments

          Activity

            People

            Assignee:
            sspringett Steve Springett
            Reporter:
            pachulo Marc P
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: