Dependency Check
OWASP Dependency Check output can be imported in XML format. This parser ingests the vulnerable dependencies and inherits the suppressions.
- Suppressed vulnerabilities are tagged with the tag: `suppressed`.
- Suppressed vulnerabilities are marked as mitigated.
- If the suppression is missing any `<notes>` tag, it tags them as `no_suppression_document`.
- Related vulnerable dependencies are tagged with the `related` tag.
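The tagging rules above, applied to a small report, as an added sketch that is not the parser's own code. The XML is constructed and simplified (no namespace, placeholder identifiers); the element names are assumed to follow the Dependency-Check XML report layout, and emitting one finding per related dependency for each vulnerability is an assumption of this sketch.

```python
import xml.etree.ElementTree as ET

# Constructed sample: simplified, no XML namespace, placeholder identifiers.
# Element names are assumed to follow the Dependency-Check XML report layout.
SAMPLE = """<analysis><dependencies>
  <dependency>
    <fileName>app-lib-1.0.jar</fileName>
    <relatedDependencies>
      <relatedDependency><fileName>app-lib-extras-1.0.jar</fileName></relatedDependency>
    </relatedDependencies>
    <vulnerabilities>
      <vulnerability><name>EXAMPLE-0001</name></vulnerability>
      <suppressedVulnerability><name>EXAMPLE-0002</name>
        <notes>Vulnerable class is not on the classpath</notes></suppressedVulnerability>
      <suppressedVulnerability><name>EXAMPLE-0003</name></suppressedVulnerability>
    </vulnerabilities>
  </dependency>
</dependencies></analysis>"""


def classify(report_xml):
    """Return one finding dict per (file, vulnerability) with the documented tags."""
    findings = []
    for dep in ET.fromstring(report_xml).iter("dependency"):
        vulns = dep.find("vulnerabilities")
        if vulns is None:
            continue
        # The main file first, then each related dependency (tagged "related").
        files = [(dep.findtext("fileName"), [])]
        files += [(r.findtext("fileName"), ["related"])
                  for r in dep.iter("relatedDependency")]
        for vuln in vulns:
            suppressed = vuln.tag == "suppressedVulnerability"
            tags = []
            if suppressed:
                tags.append("suppressed")
                # A suppression without a <notes> element is undocumented.
                if vuln.find("notes") is None:
                    tags.append("no_suppression_document")
            for file_name, extra in files:
                findings.append({"file": file_name, "name": vuln.findtext("name"),
                                 "mitigated": suppressed, "tags": tags + extra})
    return findings


if __name__ == "__main__":
    for finding in classify(SAMPLE):
        print(finding)
```

Filtering imported findings on `no_suppression_document` gives a review queue of suppressions that were accepted without a recorded justification.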
Sample Scan Data
Sample Dependency Check scans can be found here.
Last modified January 19, 2024: :sparkles: advance parser docs to provide sample scan data (#9347) (f1e435e59)