Find FOSS vulnerabilities,
improve FOSS security.
VulnerableCode is a FOSS tool to automate search for FOSS security vulnerabilities.
By collecting and parsing data from many sources, identifying packages using a standardized package-url, and accessing the data through a REST API, VulnerableCode addresses key security concerns for using FOSS code in modern applications.