get
InactiveTool of Osv Dev
AUTHORITATIVE vulnerability detail by advisory ID. Pass any GHSA-* (GitHub Security Advisory), CVE-* (MITRE), PYSEC-* (Python), RUSTSEC-* (Rust), GO-* (Go), or other OSV-format ID. Returns summary, full details (truncated at 1500 chars), CVSS severity vector + extracted level (critical/high/medium/low), published + modified dates, affected ecosystems with version ranges + fix versions, references (NIST/GitHub/commit/upstream patch). Use after deps.dev / scan_dependency gives you an ID and you need "how bad is this and how do I fix it".
Parameters schema
{
"type": "object",
"examples": [
{
"vuln_id": "CVE-2021-44228"
},
{
"vuln_id": "GHSA-7g5f-wrx8-5ccf"
}
],
"required": [
"vuln_id"
],
"properties": {
"vuln_id": {
"type": "string",
"description": "Advisory ID — e.g. \"GHSA-29mw-wpgm-hmr9\", \"CVE-2021-44228\", \"PYSEC-2022-43012\"."
}
}
}No endpoints wrapped at confidence ≥ 0.70.
Parent server
Osv Dev
https://github.com/pipeworx-io/mcp-osv-dev
1/7 registries