git-vuln-finder on


Find potential software vulnerabilities from git commit messages.

The output format is a JSON with the associated commit which could contain a fix regarding a software vulnerability. The search is based on a set of regular expressions against the commit messages only. If CVE IDs are present, those are added automatically in the output. The input can be any git repositories or a GitHub archive source.