April 2024


Leverage the OSV-Scanner to detect vulnerabilities in your project's dependencies. The OSV-Scanner is an officially supported interface to the OSV database, linking your project’s dependency list directly to relevant security vulnerabilities. The database is open source and decentralized, offering numerous advantages over proprietary advisory databases and scanners:

  • Each advisory originates from a transparent and credible source, such as the RustSec Advisory Database.
  • The community can contribute enhancements to the advisories, ensuring the database maintains high quality.
  • The OSV format records details about the affected versions in a machine-readable format, aligning precisely with the package lists used by developers.
Release Notes