Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase...
Check your Python environments for vulnerable Open Source packages with OSS Index or Sonatype Nexus Lifecycle.
A .NET Core global tool to check the packages for known vulnerabilities
Monitors for new or updated dependencies and provides vulnerability information wihthin the editor
Audits nodejs dependencies for known vulnerabilities.
Implement vulnerabilities scanning on top of package management system like apt, pip, composer...
Python library for querying OSS Index
Generated API client for Sonatype OSS Index in Go