Dependency Check
OWASP Dependency Check output can be imported in Xml format. This parser ingests the vulnerable dependencies and inherits the suppressions.
- Suppressed vulnerabilities are tagged with the tag:
suppressed
. - Suppressed vulnerabilities are marked as mitigated.
- If the suppression is missing any
<notes>
tag, it tags them asno_suppression_document
. - Related vulnerable dependencies are tagged with
related
tag.
Sample Scan Data
Sample Dependency Check scans can be found here.
Last modified May 1, 2024: Create link_knowledge-base.md (#10075) (b3f13f2)