Skip to content


Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
a software package vulnerability checker
branch: master

This branch is 6 commits behind jschauma:master


'yvc' is a software package vulnerability checker.

'yvc' compares the given package name against the list of known
vulnerabilities and reports any security issues. This output contains the
name and version of the package, the type of vulnerability, and a URL for
further information for each vulnerable package.

'yvc' was conceptually based on NetBSD's audit-packages program (see and was written by
Jan Schaumann <> in 2008 while working at Yahoo!
Inc.  Yahoo! open sourced this tool in the hopes that it will be useful to
other people -- unless otherwise noted, all files are released under the
terms of a 3-clause BSD license as noted in the file LICENSE.

The 'y' in yvc can stand for a number of things.  Make up your own.

'yvc' has a rudimentary website at:
Something went wrong with that request. Please try again.