Welcome to VulnerableCode!

VulnerableCode provides an open database of software packages that are affected by known security vulnerabilities aka. “vulnerable packages”.

VulnerableCode is also a free and open source software (FOSS) project that provides the tools to build this open database. The tools handle collecting, aggregating and correlating these vulnerabilities and relating them to a correct package version. Our project also supports a public cloud instance of this database - VulnerableCode.io.

In this documentation you will find information on:

  • An overview of VulnerableCode and what you can do with it

  • Installation instructions

  • How to make technical contributions to the project and the community

Indices and tables