What is OSV?

OSV (Open Source Vulnerabilities) is a distributed, community-driven effort to improve the detection and resolution of vulnerabilities in open source software. It provides a precise, machine-readable vulnerability database using version ranges and commit hashes to identify affected code. This allows for accurate vulnerability matching, reducing false positives and improving the speed of vulnerability detection in software dependencies. OSV is used by software developers, security researchers, and automated security tools to identify, track, and remediate vulnerabilities in open source components.