Aspect-level information discrepancies across heterogeneous vulnerability reports: Severity, types and detection methods

J Sun, Z Xing, X Xia, Q Lu, X Xu, L Zhu - ACM Transactions on Software …, 2023 - dl.acm.org
Vulnerable third-party libraries pose significant threats to software applications that reuse
these libraries. At an industry scale of reuse, manual analysis of third-party library …

Silent vulnerable dependency alert prediction with vulnerability key aspect explanation

J Sun, Z Xing, Q Lu, X Xu, L Zhu… - 2023 IEEE/ACM 45th …, 2023 - ieeexplore.ieee.org
Due to convenience, open-source software is widely used. For beneficial reasons, open-
source maintainers often fix the vulnerabilities silently, exposing their users unaware of the …

Cvecenter: Industry practice of automated vulnerability management for linux distribution community

J Luo, H Shi, Y Zhang, R Wang, Y Shen… - … Proceedings of the …, 2024 - dl.acm.org
Vulnerability management is a time-consuming and labor-intensive task for Linux
distribution maintainers. It involves the continuous identification, assessment, and fixing of …

Where is it? Tracing the Vulnerability-Relevant Files from Vulnerability Reports

J Sun, J Chen, Z Xing, Q Lu, X Xu, L Zhu - Proceedings of the IEEE/ACM …, 2024 - dl.acm.org
With the wide usage of open-source software, supply-chain-based vulnerability attacks,
including SolarWinds and Log4Shell, have posed significant risks to software security …

PR-GNN: Enhancing PoC Report Recommendation with Graph Neural Network

J Lu, S Huang - 2024 IEEE 40th International Conference on …, 2024 - ieeexplore.ieee.org
There has been a growing number of software supply chain vulnerabilities disclosed
annually, posing increasingly formidable challenges to vulnerability validation. Timely …

Towards Identifying Vulnerabilities with Delayed Patching and Public Disclosure in Open-Source Communities

A Sridharkumar - 2024 - search.proquest.com
The number of open-source software (OSS) projects has been increasing over the last few
years. OSS projects are widely used either directly or as an nth dependency. However, OSS …