Google Launches Open Source Vulnerabilities Database

Google has launched the Open Source Vulnerabilities (OSV) database as a way to “improve vulnerability triage for developers and consumers of open source software.”

“The goal of OSV is to provide precise data on where a vulnerability was introduced and where it got fixed, thereby helping consumers of open source software accurately identify if they are impacted and then make security fixes as quickly as possible,” the announcement states.

Additionally, Google says, the OSV automates the triage workflow by providing an API to query for vulnerabilities

Comments