OSS INDEX
Repository Component Intelligence
Learn more about binaries cached in your Nexus Repositories with Sonatype OSS Index data.
Vulnerability details for your components.
Search millions of components to find known, publicly disclosed vulnerabilities across a wide range of ecosystems.
Component based matching for enhanced intelligence.
Designed for fast, actionable insights when analyzing open source repository components.
Repository security reports.
Get a full summary of security vulnerabilities in your Nexus OSS repositories.
Get Started
* Required fields.
Vulnerability details for your components.
Search millions of components to find known, publicly disclosed vulnerabilities across a wide range of ecosystems.
Component based matching for enhanced intelligence.
Designed for fast, actionable insights when analyzing open source repository components.
Repository security reports.
Get a full summary of security vulnerabilities in your Nexus OSS repositories.

Need DevSecOps at Scale?
OSS Index and the associated tools are and always will be free to the community. The data we gather is derived from public sources, and does not include human curated intelligence nor expert remediation guidance.
Software development teams who want to scale this information, and automated open source governance with precise, curated and highly actionable intelligence across their entire SDLC should check out the Nexus Platform. Release faster while controlling open source risk.


Intercept malicious open source at the door.

Reduce risk across software development.
