Dependency Check
OWASP Dependency Check output can be imported in XML format. This parser ingests the vulnerable dependencies and inherits the suppressions.
- Suppressed vulnerabilities are tagged with the tag `suppressed`.
- Suppressed vulnerabilities are marked as mitigated.
- If the suppression is missing any `<notes>` tag, it tags them as `no_suppression_document`.
- Related vulnerable dependencies are tagged with the `related` tag.
Sample Scan Data
Sample Dependency Check scans can be found here.
Default Deduplication Hashcode Fields
By default, DefectDojo identifies duplicate Findings using these hashcode fields:
- title
- cwe
- file path
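The tagging rules listed at the top of this page and the default hashcode fields above, applied to a constructed Dependency Check XML report. This is an added illustration, not DefectDojo's own parser; the element names (`suppressedVulnerability`, `notes`, `relatedDependency`) are assumed to follow the Dependency Check XML report layout, and the namespace is left out of the sample so that plain ElementTree lookups work.

```python
import hashlib
import xml.etree.ElementTree as ET

# Constructed sample report. Element names follow the Dependency Check XML
# layout as assumed here; the namespace is omitted to keep lookups simple.
SAMPLE_XML = """<analysis>
<dependencies><dependency>
<fileName>lib-a.jar</fileName><filePath>/app/lib/lib-a.jar</filePath>
<vulnerabilities>
<vulnerability><name>CVE-0000-0001</name><cwes><cwe>CWE-79</cwe></cwes></vulnerability>
<suppressedVulnerability><name>CVE-0000-0002</name><cwes><cwe>CWE-20</cwe></cwes>
<notes>False positive, see ticket SEC-1</notes></suppressedVulnerability>
<suppressedVulnerability><name>CVE-0000-0003</name></suppressedVulnerability>
</vulnerabilities>
<relatedDependencies><relatedDependency><filePath>/app/lib/lib-a-copy.jar</filePath>
</relatedDependency></relatedDependencies>
</dependency></dependencies></analysis>"""

HASHCODE_FIELDS = ("title", "cwe", "file_path")  # default dedup fields from the page

def hashcode(finding):
    """Deduplication key built from the default hashcode fields only."""
    joined = "|".join(str(finding[f] or "") for f in HASHCODE_FIELDS)
    return hashlib.sha256(joined.encode()).hexdigest()

def parse_report(xml_text):
    """Return one finding dict per vulnerability per dependency path."""
    findings = []
    for dep in ET.fromstring(xml_text).iter("dependency"):
        vulns = dep.find("vulnerabilities")
        if vulns is None:
            continue
        # Related dependencies are the same artifact found under other paths.
        related = [r.findtext("filePath") for r in dep.iter("relatedDependency")]
        for vuln in vulns:
            suppressed = vuln.tag == "suppressedVulnerability"
            tags = ["suppressed"] if suppressed else []
            # A suppression without a <notes> entry is flagged as undocumented.
            if suppressed and vuln.find("notes") is None:
                tags.append("no_suppression_document")
            base = {"title": vuln.findtext("name"), "cwe": vuln.findtext("cwes/cwe"),
                    "mitigated": suppressed}
            findings.append(dict(base, file_path=dep.findtext("filePath"), tags=tags))
            for path in related:
                findings.append(dict(base, file_path=path, tags=tags + ["related"]))
    return findings
```

Because tags and the mitigated flag are not part of the hashcode, a suppressed finding and its earlier unsuppressed import deduplicate against each other, while the same CVE under a related path does not.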