Some security scanners report a medium level severity in BouncyCastle 1.68 due to hash collisions in support of BKSv1 keystores. It's considered fixed in BC 1.69 due to:

"The old BKS-V1 format keystore is now disabled by default. If you need to use BKS-V1 for legacy reasons, it can be re-enabled by adding:
org.bouncycastle.bks.enable_v1=true"

Please consider updating to avoid these kinds of warnings when projects are scanned with jruby-openssl.