{% extends 'base.html' %} {% set active_section = 'about' %} {% block content %}

About OSV

Open full documentation

Commonly asked questions

Why did you create OSV?

We created OSV to address some of the shortcomings of dealing with vulnerabilities in open source software.

As believers of automation, we initially built OSV for our OSS-Fuzz service, where we needed a way to store, triage and query the large numbers of open source vulnerabilities we discover in an automated and precise fashion. Since then we have expanded this to include vulnerabilities in many more open source ecosystems.

See our blog posts for more details:

Who is OSV for?

OSV can be used by both:

  • Open source consumers: By querying our API to find vulnerabilities in their dependencies.
  • Open source maintainers: By using our automation infrastructure to determine accurate affected commits and versions when a vulnerability is fixed. Currently this works for bugs found by OSS-Fuzz, but we are working to make this more generally available.
{% endblock %}