Dependency Check
OWASP Dependency Check output can be imported in Xml format. This parser ingests the vulnerable dependencies and inherits the suppressions.
- Suppressed vulnerabilities are tagged with the tag:
suppressed
. - Suppressed vulnerabilities are marked as mitigated.
- If the suppression is missing any
<notes>
tag, it tags them asno_suppression_document
. - Related vulnerable dependencies are tagged with
related
tag.
Sample Scan Data
Sample Dependency Check scans can be found here.
Last modified November 18, 2024: Merge pull request #11287 from DefectDojo/master-into-dev/2.40.2-2.41.0-dev (3b0fd30)