Vulnerable Open Source Dependencies: Counting Those That Matter

29 August 2018

Papers citing "Vulnerable Open Source Dependencies: Counting Those That Matter"

24 / 24 papers shown

Title
Open Source, Open Threats? Investigating Security Challenges in Open-Source Software Seyed Ali Akhavani Behzad Ousat Amin Kharraz 12 0 0 15 Jun 2025
An Accurate and Efficient Vulnerability Propagation Analysis Framework Bonan Ruan Zhiwei Lin Jiahao Liu Chuqi Zhang Kaihang Ji Zhenkai Liang 55 0 0 02 Jun 2025
Vulnerability Coordination Under the Cyber Resilience Act Jukka Ruohonen Paul Timmers 112 4 0 09 Dec 2024
Forecasting the risk of software choices: A model to foretell security vulnerabilities from library dependencies and source code evolution C. E. Budde Ranindya Paramitha Fabio Massacci 64 0 0 17 Nov 2024
Security Testbed for Preempting Attacks against Supercomputing Infrastructure Phuong Cao Zbigniew T. Kalbarczyk Ravishankar Iyer SILM 26 1 0 15 Sep 2024
Does the Vulnerability Threaten Our Projects? Automated Vulnerable API Detection for Third-Party Libraries Fangyuan Zhang Lingling Fan Sen Chen Miaoying Cai Sihan Xu Lida Zhao 35 3 0 04 Sep 2024
An Industry Interview Study of Software Signing for Supply Chain Security Kelechi G. Kalu Tanya Singla C. Okafor Santiago Torres-Arias James C. Davis 109 7 0 12 Jun 2024
AI for DevSecOps: A Landscape and Future Opportunities Michael Fu Jirat Pasuksmit Chakkrit Tantithamthavorn 79 7 0 07 Apr 2024
Code Ownership in Open-Source AI Software Security Jiawen Wen Dong Yuan Lei Ma Huaming Chen 59 0 0 18 Dec 2023
How well does LLM generate security tests? Ying Zhang Wen-Kai Song Zhengjie Ji Danfeng D. Yao Na Meng 65 36 0 01 Oct 2023
MELT: Mining Effective Lightweight Transformations from Pull Requests Daniel Ramos Hailie Mitchell I. Lynce Vasco M. Manquinho Ruben Martins Claire Le Goues MoMe AI4CE 19 6 0 28 Aug 2023
An Empirical Study on Using Large Language Models to Analyze Software Supply Chain Security Failures Tanmay Singla Dharun Anandayuvaraj Kelechi G. Kalu Taylor R. Schorlemmer James C. Davis 133 14 0 09 Aug 2023
Mitigating Persistence of Open-Source Vulnerabilities in Maven Ecosystem Lyuye Zhang Chengwei Liu Sen Chen Zhengzi Xu Lingling Fan Lida Zhao Yiran Zhang Yang Liu 32 24 0 07 Aug 2023
Software supply chain: review of attacks, risk assessment strategies and security controls Betul Gokkaya Leonardo Aniello Basel Halak 45 6 0 23 May 2023
Cargo Ecosystem Dependency-Vulnerability Knowledge Graph Construction and Vulnerability Propagation Study Peiyang Jia Chengwei Liu Hongyu Sun Chengyi Sun Mianxue Gu Yang Liu Yuqing Zhang 23 3 0 14 Oct 2022
Taxonomy of Attacks on Open-Source Software Supply Chains Piergiorgio Ladisa H. Plate Matias Martinez Olivier Barais 94 148 0 08 Apr 2022
A Novel Model for Vulnerability Analysis through Enhanced Directed Graphs and Quantitative Metrics Ángel Longueira-Romero Rosa Iglesias Jose Luis Flores Iñaki Garitano 20 9 0 13 Dec 2021
Tracking Patches for Open Source Software Vulnerabilities Congying Xu Bihuan Chen Chenhao Lu Kaifeng Huang Xin Peng Yang Liu 41 30 0 04 Dec 2021
Security Review of Ethereum Beacon Clients Jean-Philippe Aumasson D. Kolegov Evangelia Stathopoulou 35 10 0 23 Sep 2021
Uncovering the Hidden Dangers: Finding Unsafe Go Code in the Wild Johannes Lauinger Lars Baumgärtner A. Wickert Mira Mezini 23 3 0 21 Oct 2020
Lags in the Release, Adoption, and Propagation of npm Vulnerability Fixes Bodin Chinthanet R. Kula Shane McIntosh T. Ishio Akinori Ihara Ken-ichi Matsumoto 53 60 0 08 Jul 2019
On Preempting Advanced Persistent Threats Using Probabilistic Graphical Models Phuong M Cao 19 8 0 21 Mar 2019
A Manually-Curated Dataset of Fixes to Vulnerabilities of Open-Source Software Serena Elisa Ponta H. Plate A. Sabetta M. Bezzi Cédric Dangremont 75 123 0 07 Feb 2019
An Empirical Analysis of Vulnerabilities in Python Packages for Web Applications Jukka Ruohonen 38 24 0 31 Oct 2018