-: FOLLOW US :- @theinsaneapp
Google released OSV-Scanner as an open-source interface to the Open Source Vulnerability database.
-: FOLLOW US :- @theinsaneapp
OSV Database is an open-source distributed database that stores vulnerability information using the OSV format.
-: FOLLOW US :- @theinsaneapp
OSV-Scanner is a tool that evaluates a project's dependencies against the OSV database, showing all vulnerabilities related to that project.
-: FOLLOW US :- @theinsaneapp
OSV-Scanner is used to determine all dependencies in a project by first analyzing manifests, software bills of materials (SBOMs), commit hashes, and other information.
-: FOLLOW US :- @theinsaneapp
This information can be used to query OSV and discuss vulnerabilities related to the project.
-: FOLLOW US :- @theinsaneapp
Vulnerabilities can be reported in tabular or optionally in the JSON-based OSV format.
-: FOLLOW US :- @theinsaneapp
OSV-Scanner can be downloaded via GitHub under Apache License 2.0.