Analyzed
1 day
ago.
based on code collected
1 day
ago.
Project Summary
The CompCert project investigates the formal verification of realistic compilers usable for critical embedded software. Such verified compilers come with a mathematical, machine-checked proof that the generated executable code behaves exactly as prescribed by the semantics of the source program. By ruling out the possibility of compiler-introduced bugs, verified compilers strengthen the guarantees that can be obtained by applying formal methods to source programs.
The main result of the project is the CompCert C verified compiler, a high-assurance compiler for almost all of the C language (ISO C99), generating efficient code for the PowerPC, ARM, RISC-V and x86 processors.
In a Nutshell, CompCert...
- ...
- ...
-
...
has a well established, mature codebase
maintained by a large development team
with stable Y-O-Y commits -
...
took an estimated 54 years of effort (COCOMO model)
starting with its first commit in February, 2006
ending with its most recent commit 24 days ago
Quick Reference
https://github.com/AbsInt/CompCert
Project Security
Vulnerabilities per Version ( last 10 releases )
There are no reported vulnerabilities
Project Vulnerability Report
Security Confidence Index
Poor security track-record
Favorable security track-record
Vulnerability Exposure Index
Many reported vulnerabilities
Few reported vulnerabilities
Did You Know...
-
...
there are over 3,000 projects on the Open Hub with security vulnerabilities reported against them
-
...
you can embed statistics from Open Hub on your site
-
...
nearly 1 in 3 companies have no process for identifying, tracking, or remediating known open source vulnerabilities
-
...
data presented on the Open Hub is available through our API
30 Day SummaryOct 13 2025 — Nov 12 2025
|
12 Month SummaryNov 12 2024 — Nov 12 2025
|
