osv-scanner
« Back to VersTracker
Description:
Vulnerability scanner which uses the OSV database
Type: Formula  |  Latest Version: 2.3.1@0  |  Tracked Since: Dec 11, 2025
Links: Homepage  |  formulae.brew.sh
Category: Security
Tags: security vulnerability scanner dependencies osv
Install: brew install osv-scanner
About:
osv-scanner scans your project's dependencies against the Open Source Vulnerabilities (OSV) database to identify known security issues. It supports multiple lock file formats and SBOMs, providing a clear report of vulnerabilities that affect your specific environment. This tool helps developers proactively secure their software supply chain by integrating vulnerability checks into the development workflow.
Key Features:
  • Supports multiple lock file formats (package.json, go.mod, etc.) and SBOMs
  • Uses the official OSV database for accurate, upstream vulnerability data
  • Provides actionable remediation advice for found vulnerabilities
  • Can be run locally or as part of a CI/CD pipeline
Use Cases:
  • CI/CD pipeline integration for automated security scanning
  • Local development environment checks before committing code
  • Auditing existing projects for known vulnerabilities
Alternatives:
  • trivy – Trivy is a more comprehensive scanner that also scans container images and infrastructure configurations, whereas osv-scanner focuses primarily on dependency vulnerabilities.
  • snyk – Snyk offers a commercial platform with additional features like monitoring and remediation teams, while osv-scanner is a free, open-source CLI tool.
Version History
Detected Version Rev Change Commit
Dec 11, 2025 8:14am 0 VERSION_BUMP 00cdfd11
Oct 1, 2025 5:18am 0 VERSION_BUMP 73ee4a3e
Sep 16, 2025 9:56am 0 VERSION_BUMP 1f3743b4
Dec 19, 2024 6:20am 0 VERSION_BUMP 15ebfb7b
Dec 19, 2024 5:09am 0 VERSION_BUMP e2a907ae
Oct 31, 2024 1:01am 0 VERSION_BUMP 72fd9209
Oct 2, 2024 6:48am 0 VERSION_BUMP e03ebd27
« Back to VersTracker  |  Browse Packages  |  About