类库
› osv-scanner
google/osv-scanner
OSV-Scanner是一个用Go语言编写的漏洞扫描工具,主要用于检测项目依赖中的安全漏洞。它基于OSV.dev的漏洞数据库,支持扫描多种编程语言、包管理器、操作系统软件包以及容器镜像,并提供修复建议。
技术栈
cmd/osv-scanner/fix/testdata/override-maven java
查看全部依赖 (4)
依赖
org.apache.httpcomponents:httpclient
org.apache.maven.wagon:wagon-http
org.codehaus.plexus:plexus-utils
org.jsoup:jsoup
cmd/osv-scanner/fix/testdata/relax-npm javascript
查看全部依赖 (1)
依赖
npm-registry-client
6.2.0
cmd/osv-scanner/mcp/testdata/go-project go
查看全部依赖 (1)
依赖
github.com/ipfs/go-bitfield
v1.0.0
cmd/osv-scanner/scan/image/testdata/java-fixture/app java
查看全部依赖 (2)
依赖
org.apache.commons:commons-compress
org.apache.hadoop:hadoop-client
cmd/osv-scanner/scan/image/testdata/package-tracing-fixture go
查看全部依赖 (1)
依赖
github.com/BurntSushi/toml
v1.4.0
cmd/osv-scanner/scan/image/testdata/python-fixture python
框架
Django
Flask
网络
Requests
查看全部依赖 (12)
依赖
Django
Flask
Jinja2
MarkupSafe
Werkzeug
certifi
chardet
click
idna
itsdangerous
pytz
urllib3
cmd/osv-scanner/scan/image/testdata/test-image-with-deprecated rust
查看全部依赖 (1)
依赖
url
2.5.3
cmd/osv-scanner/scan/source/testdata/call-analysis-go-project-all-uncalled go
查看全部依赖 (1)
依赖
github.com/gogo/protobuf
v1.3.1
cmd/osv-scanner/scan/source/testdata/call-analysis-go-project go
查看全部依赖 (3)
依赖
github.com/gogo/protobuf
v1.3.1
github.com/ipfs/go-bitfield
v1.0.0
golang.org/x/image
v0.4.0
cmd/osv-scanner/scan/source/testdata/locks-licenses javascript
查看全部依赖 (4)
依赖
babel
^6.23.0
human-signals
^5.0.0
ms
^2.1.3
type-fest
^4.26.1
cmd/osv-scanner/scan/source/testdata/locks-requirements python
框架
Django
Flask
网络
Requests
cmd/osv-scanner/scan/source/testdata/maven-transitive java
查看全部依赖 (1)
依赖
org.apache.logging.log4j:log4j-web
cmd/osv-scanner/update/testdata java
查看全部依赖 (4)
依赖
com.fasterxml.jackson.core:jackson-core
junit:junit
org.apache.logging.log4j:log4j-api
org.slf4j:slf4j-migrator
根目录 go
查看全部依赖 (31)
依赖
charm.land/glamour/v2
v2.0.0
charm.land/lipgloss/v2
v2.0.3
deps.dev/api/v3
v3.0.0-20260225225317-765e10b45d5b
deps.dev/api/v3alpha
v0.0.0-20260225225317-765e10b45d5b
github.com/BurntSushi/toml
v1.6.0
github.com/CycloneDX/cyclonedx-go
v0.10.0
github.com/gkampitakis/go-snaps
v0.5.21
github.com/go-git/go-git/v5
v5.18.0
github.com/gobwas/glob
v0.2.3
github.com/google/go-cmp
v0.7.0
github.com/google/osv-scalibr
v0.4.6-0.20260318175007-ec4239d68fb9
github.com/ianlancetaylor/demangle
v0.0.0-20251118225945-96ee0021ea0f
github.com/jedib0t/go-pretty/v6
v6.7.9
github.com/modelcontextprotocol/go-sdk
v1.5.0
github.com/opencontainers/go-digest
v1.0.0
github.com/ossf/osv-schema/bindings/go
v0.0.0-20260304051245-ec3272c283e4
github.com/owenrumney/go-sarif/v3
v3.3.0
github.com/package-url/packageurl-go
v0.1.5
github.com/pandatix/go-cvss
v0.6.2
github.com/tidwall/gjson
v1.18.0
github.com/tidwall/pretty
v1.2.1
github.com/tidwall/sjson
v1.2.5
github.com/urfave/cli/v3
v3.8.0
go.yaml.in/yaml/v4
v4.0.0-rc.4
golang.org/x/sync
v0.20.0
golang.org/x/term
v0.42.0
golang.org/x/vuln
v1.1.4
google.golang.org/grpc
v1.80.0
google.golang.org/protobuf
v1.36.11
gopkg.in/dnaeon/go-vcr.v4
v4.0.6
osv.dev/bindings/go
v0.0.0-20260306051416-1f963c5a9f4f
internal/scalibrenricher/govulncheck/source/testdata go
查看全部依赖 (3)
依赖
github.com/gogo/protobuf
v1.3.1
github.com/ipfs/go-bitfield
v1.0.0
golang.org/x/image
v0.4.0
internal/sourceanalysis/testdata/go-integration/test-project go
查看全部依赖 (3)
依赖
github.com/gogo/protobuf
v1.3.1
github.com/ipfs/go-bitfield
v1.0.0
golang.org/x/image
v0.4.0
截图
