OSV
CreatedBIGdeadLock
Provides a lightweight Model Context Protocol (MCP) server implementation for the OSV Database API.
About
OSV is a lightweight MCP (Model Context Protocol) server designed to interface with the OSV Database API. It enables users to query the OSV database for CVE (Common Vulnerabilities and Exposures) information related to software packages, including retrieving CVE IDs for a specific package, identifying affected versions for a given CVE, and determining the versions that include fixes for a specific CVE. This server streamlines the process of integrating OSV vulnerability data into other tools and workflows.
Key Features
- Fetch CVEs related to a specific package.
- Identify versions that fix a specific CVE.
- Supports integration with tools like Cursor via MCP.
- Retrieve all affected versions for a given CVE ID.
- Query package CVEs with optional version and ecosystem filtering.
- 1 GitHub stars
Use Cases
- Integration of OSV data into IDEs for real-time vulnerability alerts.
- Automated vulnerability scanning in software development pipelines.
- Vulnerability analysis and reporting for software packages.