Vanir#
Description#
Vanir is a source code-based static analysis tool that automatically identifies the list of missing security patches in the target system. By default, Vanir pulls up-to-date CVEs from Open Source Vulnerabilities (OSV) together with their corresponding signatures so that users can transparently scan missing patches for an up-to-date list of CVEs. Check also https://security.googleblog.com/2024/12/announcing-launch-of-vanir-open-source.html.
Home page for this solution: google/vanir
Overview#
Key |
Value |
|---|---|
Name |
vanir |
Description |
Vanir is a source code-based static analysis tool that automatically identifies the list of missing security patches in the target system. By default, Vanir pulls up-to-date CVEs from Open Source Vulnerabilities (OSV) together with their corresponding signatures so that users can transparently scan missing patches for an up-to-date list of CVEs. |
License |
BSD 3-Clause “New” or “Revised” License |
Programming Language |
Python |
Created |
2024-08-07 |
Last update |
2025-03-27 |
Github Stars |
329 |
Project Home Page |
|
Code Repository |
|
OpenSSF Scorecard |
Note:
Created date: date that repository is created on Github.com.
Last update: Latest date an update of repository is detected on Jun 27, 2025.
Do not attach much value to github stars. Its a vanity metric! Star counts are misleading and don’t indicate if the SBB is high-quality or popular.