When using OWASP Dependency-Check Jenkins Plugin to Publish results of a scan done by OWASP Maven Plugin of a Maven project with multiple modules that are dependent on the same internal modules, that are in turn dependent on third-party librarIes with known vulnerabilities, the same vulnerability records are listed multiple times. This makes the vulnerability report produced by the Publish action extremely hard to use. Vulnerability records should be de-duplicated by FindingsAggregator and only unique entries should be added to the report and graph.