Vision: Identifying affected library versions for open source software vulnerabilities

S Wu, R Wang, K Huang, Y Cao, W Song… - Proceedings of the 39th …, 2024 - dl.acm.org
Vulnerability reports play a crucial role in mitigating open-source software risks. Typically,
the vulnerability report contains affected versions of a software. However, despite the …

VFCFinder: Pairing Security Advisories and Patches

T Dunlap, E Lin, W Enck, B Reaves - Proceedings of the 19th ACM Asia …, 2024 - dl.acm.org
Security advisories are the primary channel of communication for discovered vulnerabilities
in open-source software, but they often lack crucial information. Specifically, 63% of …

Does the Vulnerability Threaten Our Projects? Automated Vulnerable API Detection for Third-Party Libraries

F Zhang, L Fan, S Chen, M Cai, S Xu… - IEEE Transactions on …, 2024 - ieeexplore.ieee.org
Developers usually use third-party libraries (TPLs) to facilitate the development of their
projects to avoid reinventing the wheels, however, the vulnerable TPLs indeed cause severe …

Vul4Java: A Java OSS vulnerability identification method based on a two-stage analysis

Z Wang, J Hu, Y Zhou, S Tambadou, F Zuo - Proceedings of the …, 2024 - dl.acm.org
Open source software (OSS) has been widely used to accelerate software development,
inevitably exposing downstr omissions and false positives; omissions put applications and …