KNOX-1660 did this about a year ago. Would be good to add new suppressions since there are a few false positives in the owasp report.
Upgrade dom4j to 2.1.1
Upgrade mina-core to 2.0.21
Add OWASP suppression for cas-client-core
OWASP Add suppressions for false positives
GitHub Pull Request #184