dependency-check / dependency-check-sonar-plugin

Integrates Dependency-Check reports into SonarQube
602 stars 135 forks source link

Dependency Checks displaying vulnerabilites but not appearing on Sonar #1018

Open TheTricky65 opened 20 hours ago

TheTricky65 commented 20 hours ago

So I have this project I'm scanning with OWASP DC and can't figure out why it's KPIs are found on DC page but not on Sonar.

When I look into the Issues tab I can't find any "owasp-a9" tag which is supposed to appear when detecting DC vulnerabilites.

Here are some screenshots:

image

image (1)