Install OSV-Scanner on Ubuntu 24.04

OSV-Scanner is an open-source vulnerability scanner developed by Google that helps developers and security teams identify vulnerabilities in their open-source dependencies. It works by scanning software projects for known security vulnerabilities using data from the OSV database. This tutorial demonstrates how to install OSV-Scanner on Ubuntu 24.04.

Install OSV-Scanner

Download the executable to the /usr/local/bin directory:

sudo wget -qO /usr/local/bin/osv-scanner https://github.com/google/osv-scanner/releases/latest/download/osv-scanner_linux_amd64

Set execute permission on the file:

sudo chmod a+x /usr/local/bin/osv-scanner

Execute the following command to verify the OSV-Scanner version:

osv-scanner --version
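
The download step above writes the binary straight into /usr/local/bin as root without checking it. As an added example (not part of the original tutorial), the script below checks a downloaded asset against a sha256sum-format checksum file before installing it; the function names and the checksum asset name osv-scanner_SHA256SUMS are assumptions.

```shell
# Added example (not from the original tutorial). Assumes GNU coreutils
# (sha256sum, install) and a checksum file in "sha256sum" format.

# verify_asset FILE SUMS_FILE ASSET_NAME
# Succeeds only when SUMS_FILE holds exactly one entry for ASSET_NAME and
# that digest equals the SHA-256 of FILE. Runs in a subshell, so "exit"
# only ends the function.
verify_asset() (
    file=$1 sums=$2 name=$3
    [ -f "$file" ] && [ -f "$sums" ] || { echo "missing input file" >&2; exit 2; }
    # Entry format: "<hex digest>  <name>" or "<hex digest> *<name>".
    expected=$(awk -v n="$name" '{ f = $2; sub(/^\*/, "", f) }
                                 f == n { print tolower($1) }' "$sums")
    # Empty (no entry) or multi-line (duplicate entries) values are rejected.
    case $expected in
        ''|*[!0-9a-f]*) echo "no unique digest for $name" >&2; exit 3 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "malformed digest for $name" >&2; exit 3; }
    actual=$(sha256sum "$file" | awk '{ print $1 }')
    [ "$actual" = "$expected" ] || { echo "digest mismatch for $name" >&2; exit 1; }
)

# install_verified FILE SUMS_FILE ASSET_NAME DEST
# Copies FILE to DEST with mode 0755 only after the digest check passes.
install_verified() {
    verify_asset "$1" "$2" "$3" || return 1
    install -m 0755 "$1" "$4"
}

# Usage (network required; run the last step as root):
#   base=https://github.com/google/osv-scanner/releases/latest/download
#   sums=osv-scanner_SHA256SUMS   # assumed asset name, confirm on the release page
#   tmp=$(mktemp -d) && cd "$tmp"
#   wget -q "$base/osv-scanner_linux_amd64" "$base/$sums"
#   install_verified osv-scanner_linux_amd64 "$sums" osv-scanner_linux_amd64 \
#       /usr/local/bin/osv-scanner
```

A checksum file fetched from the same release catches a truncated or corrupted download, not a tampered release.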

Testing OSV-Scanner

For testing purposes, clone the repository:

git clone https://github.com/google/osv-scanner.git osv-scanner-src

Next, use the following command to scan the cloned repository for vulnerabilities:

osv-scanner -r osv-scanner-src

This scans the repository for known vulnerabilities using the OSV database and provides a detailed report of any issues found.

╭─────────────────────────────────────┬──────┬───────────┬────────────────────────────────┬─────────┬─────────────────────────────────────────────────────────────────────────────────╮
│ OSV URL                             │ CVSS │ ECOSYSTEM │ PACKAGE                        │ VERSION │ SOURCE                                                                          │
├─────────────────────────────────────┼──────┼───────────┼────────────────────────────────┼─────────┼─────────────────────────────────────────────────────────────────────────────────┤
│ https://osv.dev/GHSA-jfvp-7x6p-h2pv │ 4.8  │ Go        │ github.com/opencontainers/runc │ v1.0.1  │ osv-scanner-src/cmd/osv-scanner/fixtures/sbom-insecure/postgres-stretch.cdx.xml │
│ https://osv.dev/GO-2024-3110        │      │           │                                │         │                                                                                 │
│ https://osv.dev/GHSA-9wv6-86v2-598j │ 7.7  │ npm       │ path-to-regexp                 │ 2.2.1   │ osv-scanner-src/internal/remediation/fixtures/santatracker/package-lock.json    │
╰─────────────────────────────────────┴──────┴───────────┴────────────────────────────────┴─────────┴─────────────────────────────────────────────────────────────────────────────────╯

Uninstall OSV-Scanner

To uninstall OSV-Scanner, delete the associated file:

sudo rm -f /usr/local/bin/osv-scanner
