OSV-Scanner

Install latest/stable of OSV-Scanner

Ubuntu 16.04 or later?

Make sure snap support is enabled in your Desktop store.


Install using the command line

sudo snap install osv-scanner

Don't have snapd? Get set up for snaps.

Channel Version Published

Vulnerability scanner for project's dependencies

OSV-Scanner is a vulnerability scanner that examines your project's list of dependencies and reports any vulnerabilities that affect the versions you're using.

As of December 2023, it supports lockfiles from C, C++, Dart, Elixir, Go, Java, JavaScript, PHP, Python, R, Ruby, and Rust. It also supports custom lockfiles: simply write some glue code to convert your lockfile into an intermediary JSON file with a particular format, and OSV-Scanner will comprehend the latter.

After confirming that a reported vulnerability is a false positive or discovering mitigations other than upgrading the package, OSV-Scanner provides the option to suppress it so that future runs will not display it.

Details for OSV-Scanner

License
  • GPL-3.0

Last updated
  • 15 December 2023 - latest/stable
  • 14 July 2024 - latest/edge

Websites

Contact

Source code

Report a bug

Report a Snap Store violation

Share this snap

Generate an embeddable card to be shared on external websites.


Install OSV-Scanner on your Linux distribution

Choose your Linux distribution to get detailed installation instructions. If yours is not shown, get more details on the installing snapd documentation.


Where people are using OSV-Scanner

Users by distribution (log)

Ubuntu 22.04
Ubuntu 24.04
Ubuntu 20.04
Ubuntu 23.10
Kali Linux 2024.2
Ubuntu 18.04