Bouncy Castle Vulnerability Risk

Hello,

There is a high severity rating for Bouncy Castle, We would like to have a response from Oracle if the 1.66 version is exploitable from the directory it currently resides in.

[weblogic@lll-prd-usw2-app-101-p current]$ find . -name bcprov*

./oracle_common/modules/thirdparty/bcprov-ext-jdk15on-1.60.jar

./oracle_common/modules/thirdparty/bcprov-jdk15on-1.60.jar

./oracle_common/modules/thirdparty/features/bcprov-ext-jdk15on_1.60.0.0.0.jar

./oracle_common/modules/thirdparty/features/bcprov-ext-jdk15on.jar

./oracle_common/modules/thirdparty/features/bcprov-jdk15on_1.60.0.0.0.jar

./oracle_common/modules/thirdparty/features/bcprov-jdk15on.jar

./oracle_common/plugins/maven/com/oracle/org/bouncycastle/bcprov

./oracle_common/plugins/maven/com/oracle/org/bouncycastle/bcprov/ext/jdk15on/bcprov-ext-jdk15on-1.60