The vulnerability does not appear in the report

I use the dependency-check plugin, which shows a vulnerable dependency, but it is not in the main report

Please advise on where to look to understand the causes and fix them

Hey there.

I would suggest raising an issue with dependency-check/dependency-check-sonar-plugin who maintain this plugin.

Thx, but may be any ideas?