English
Related papers

Related papers: Exploring the Security Awareness of the Python and…

200 papers

To build secure software, developers often work together during software development and maintenance to find, fix, and prevent security vulnerabilities. Examining the nature of developer interactions during their security activities…

Software Engineering · Computer Science 2019-07-30 Song Wang , Nachi Nagappan

Software vulnerabilities are a fundamental cause of cyber attacks. Effectively identifying these vulnerabilities is essential for robust cybersecurity, yet it remains a complex and challenging task. In this paper, we present SafePyScript, a…

Software Engineering · Computer Science 2024-11-04 Talaya Farasat , Atiqullah Ahmadzai , Aleena Elsa George , Sayed Alisina Qaderi , Dusan Dordevic , Joachim Posegga

The most common use of data visualization is to minimize the complexity for proper understanding. A graph is one of the most commonly used representations for understanding relational data. It produces a simplified representation of data…

Software Engineering · Computer Science 2022-01-26 Md Nadim , Debajyoti Mondal , Chanchal K. Roy

Open Source Software (OSS) security and resilience are worldwide phenomena hampering economic and technological innovation. OSS vulnerabilities can cause unauthorized access, data breaches, network disruptions, and privacy violations,…

Software Engineering · Computer Science 2024-01-17 Nafis Tanveer Islam , Gonzalo De La Torre Parra , Dylan Manual , Murtuza Jadliwala , Peyman Najafirad

Version control systems are commonly used to manage open-source software, in which each commit may introduce new vulnerabilities or fix existing ones. Researchers have developed various tools for detecting vulnerabilities in code commits,…

Software Engineering · Computer Science 2025-01-08 Zhaonan Wu , Yanjie Zhao , Chen Wei , Zirui Wan , Yue Liu , Haoyu Wang

As open-source AI software projects become an integral component in the AI software development, it is critical to develop a novel methods to ensure and measure the security of the open-source projects for developers. Code ownership,…

Software Engineering · Computer Science 2023-12-19 Jiawen Wen , Dong Yuan , Lei Ma , Huaming Chen

Modern software systems, such as Spark, are usually written in multiple programming languages (PLs). Besides benefiting from code reuse, such systems can also take advantages of specific PLs to implement certain features, to meet various…

Software Engineering · Computer Science 2021-03-23 Zengyang Li , Xiaoxiao Qi , Qinyi Yu , Peng Liang , Ran Mo , Chen Yang

In order to understand the state and evolution of the entirety of open source software we need to get a handle on the set of distinct software projects. Most of open source projects presently utilize Git, which is a distributed version…

Social and Information Networks · Computer Science 2020-04-07 Audris Mockus , Diomidis Spinellis , Zoe Kotti , Gabriel John Dusing

Modern software systems are developed in diverse programming languages and often harbor critical vulnerabilities that attackers can exploit to compromise security. These vulnerabilities have been actively targeted in real-world attacks,…

Cryptography and Security · Computer Science 2025-03-27 Zhuoyun Qian , Fangtian Zhong , Qin Hu , Yili Jiang , Jiaqi Huang , Mengfei Ren , Jiguo Yu

Software developers share programming solutions in Q&A sites like Stack Overflow. The reuse of crowd-sourced code snippets can facilitate rapid prototyping. However, recent research shows that the shared code snippets may be of low quality…

Software Engineering · Computer Science 2021-01-21 Morteza Verdi , Ashkan Sami , Jafar Akhondali , Foutse Khomh , Gias Uddin , Alireza Karami Motlagh

Python applications depend on third-party native libraries that may be vendored within package distributions or installed on the host system. When vulnerabilities are discovered in these native libraries, determining which Python packages…

In recent years, JavaScript has become the most widely used programming language, especially in web development. However, writing secure JavaScript code is not trivial, and programmers often make mistakes that lead to security…

Cryptography and Security · Computer Science 2024-03-21 Tan Khang Le , Saba Alimadadi , Steven Y. Ko

The lack of reliable sources of detailed information on the vulnerabilities of open-source software (OSS) components is a major obstacle to maintaining a secure software supply chain and an effective vulnerability management process.…

Cryptography and Security · Computer Science 2025-03-18 Antonino Sabetta , Michele Bezzi

With the urgent need to secure supply chains among Open Source libraries, attention has focused on mitigating vulnerabilities detected in these libraries. Although awareness has improved recently, most studies still report delays in the…

Software Engineering · Computer Science 2024-06-18 Ruksit Rojpaisarnkit , Hathaichanok Damrongsiri , Christoph Treude , Ali Ouni , Raula Gaikovina Kula

The informativeness of security-related commit messages is crucial for patch triage: when high, it enables the rapid distribution and deployment of security fixes. Prior research (Reis et al., 2023) reported, however, that commit messages…

Software Engineering · Computer Science 2026-04-23 Syful Islam , Stefano Zacchiroli

Vulnerabilities in software libraries and reusable components cause major security challenges, particularly in dependency-heavy ecosystems such as Maven. This paper presents a large-scale analysis of vulnerabilities in the Maven ecosystem…

Software Engineering · Computer Science 2025-03-31 Md Fazle Rabbi , Rajshakhar Paul , Arifa Islam Champa , Minhaz F. Zibran

As software development practices increasingly adopt AI-powered tools, ensuring that such tools can support secure coding has become critical. This study evaluates the effectiveness of GitHub Copilot's recently introduced code review…

Software Engineering · Computer Science 2025-09-18 Amena Amro , Manar H. Alalfi

Software security vulnerabilities can lead to severe consequences, making early detection essential. Although code review serves as a critical defense mechanism against security flaws, relevant feedback remains scarce due to limited…

Software Engineering · Computer Science 2026-01-06 Zixiao Zhao , Yanjie Jiang , Hui Liu , Kui Liu , Lu Zhang

We witness an increasing usage of AI-assistants even for routine (classroom) programming tasks. However, the code generated on basis of a so called "prompt" by the programmer does not always meet accepted security standards. On the one…

Software Engineering · Computer Science 2024-08-15 Stefan Goetz , Andreas Schaad

In this paper, we perform a comprehensive study of 2,470 patched Android vulnerabilities that we collect from different data sources such as Android security bulletins, CVEDetails, Qualcomm Code Aurora, AOSP Git repository, and Linux…

Cryptography and Security · Computer Science 2019-05-24 Sadegh Farhang , Mehmet Bahadir Kirdan , Aron Laszka , Jens Grossklags