Gradle task :dependencyCheckAnalyze gives different result depending on version of AGP

[Pururun]

Describe the bug
Running the :dependencyCheckAnalyze gradle task gives different result depending on which version of the android gradle plugin is used. This is despite the dependencies that generate the CVE errors have not changed.

Version of dependency-check used
Using org.owasp:dependency-check-gradle:9.2.0
Also seen this behaviour on 9.0.9

Log file
https://gist.github.com/Pururun/89199a37e9794bac5969193f2a5ed685

To Reproduce
Update to AGP 8.4 or 8.5

Expected behavior
Consistent behaviour regardless of AGP version.

Additional context
Here is our configuration if gradle:

global gradle

allprojects {
   configure<org.owasp.dependencycheck.gradle.extension.DependencyCheckExtension> {
        failBuildOnCVSS = 0F // All severity levels
        suppressionFile = "${rootProject.projectDir}/config/dependency-check-suppression.xml"
    }
}

test gradle

configure<org.owasp.dependencycheck.gradle.extension.DependencyCheckExtension> {
    // Skip the lintClassPath configuration, which relies on many dependencies that has been flagged
    // to have CVEs, as it's related to the lint tooling rather than the project's compilation class
    // path. The alternative would be to suppress specific CVEs, however that could potentially
    // result in suppressed CVEs in project compilation class path.
    skipConfigurations = listOf("lintClassPath")
    suppressionFile = "$projectDir/../test-suppression.xml"
}

Here is the suppress file for the app:
https://github.com/mullvad/mullvadvpn-app/blob/main/android/config/dependency-check-suppression.xml

Suppression file for tests:
https://github.com/mullvad/mullvadvpn-app/blob/main/android/test/test-suppression.xml