English
Related papers

Related papers: Code-based Vulnerability Detection in Node.js Appl…

200 papers

Low-code development frameworks for IoT platforms offer a simple drag-and-drop mechanism to create applications for the billions of existing IoT devices without the need for extensive programming knowledge. The security of such software is…

Cryptography and Security · Computer Science 2025-02-14 Simon Schneider , Komal Kashish , Katja Tuma , Riccardo Scandariato

Identifying security issues early is encouraged to reduce the latent negative impacts on software systems. Code review is a widely-used method that allows developers to manually inspect modified code, catching security issues during a…

Software Engineering · Computer Science 2024-05-10 Wachiraphan Charoenwet , Patanamon Thongtanunam , Van-Thuan Pham , Christoph Treude

Code reuse is an important part of software development. The adoption of code reuse practices is especially common among Node.js developers. The Node.js package manager, NPM, indexes over 1 Million packages and developers often seek out…

Software Engineering · Computer Science 2023-01-03 Brittany Reid , Marcelo d`Amorim , Markus Wagner , Christoph Treude

Since last decade, smartphones have become an integral part of everyone's life. Having the ability to handle many useful and attractive applications, smartphones sport flawless functionality and small sizes leading to their exponential…

Cryptography and Security · Computer Science 2018-08-01 Keyur Kulkarni , Ahmad Y Javaid

Test flakiness is a significant issue in industry, affecting test efficiency and product quality. While extensive research has examined the impact of flaky tests, many root causes remain unexplored, particularly in the context of dynamic…

Software Engineering · Computer Science 2026-02-24 Negar Hashemi , Amjed Tahir , August Shi , Shawn Rasheed , Rachel Blagojevic

Computer-based systems have solved several domain problems, including industrial, military, education, and wearable. Nevertheless, such arrangements need high-quality software to guarantee security and safety as both are mandatory for…

The npm (Node Package Manager) ecosystem is the most important package manager for JavaScript development with millions of users. Consequently, a plethora of earlier work investigated how vulnerability reporting, patch propagation, and in…

Cryptography and Security · Computer Science 2025-06-10 Rajdeep Ghosh , Shiladitya De , Mainack Mondal

Increasing numbers of software vulnerabilities are discovered every year whether they are reported publicly or discovered internally in proprietary code. These vulnerabilities can pose serious risk of exploit and result in system…

Prototype pollution is a dangerous vulnerability affecting prototype-based languages like JavaScript and the Node.js platform. It refers to the ability of an attacker to inject properties into an object's root prototype at runtime and…

Cryptography and Security · Computer Science 2022-11-14 Mikhail Shcherbakov , Musard Balliu , Cristian-Alexandru Staicu

The popularity of JavaScript has lead to a large ecosystem of third-party packages available via the npm software package registry. The open nature of npm has boosted its growth, providing over 800,000 free and reusable software packages.…

Cryptography and Security · Computer Science 2019-06-10 Markus Zimmermann , Cristian-Alexandru Staicu , Cam Tenny , Michael Pradel

The rapidly evolving Node$.$js ecosystem currently includes millions of packages and is a critical part of modern software supply chains, making vulnerability detection of Node$.$js packages increasingly important. However, traditional…

Cryptography and Security · Computer Science 2026-04-23 Ronghao Ni , Mihai Christodorescu , Limin Jia

Vulnerability detection has always been the most important task in the field of software security. With the development of technology, in the face of massive source code, automated analysis and detection of vulnerabilities has become a…

Cryptography and Security · Computer Science 2021-04-26 Jiajie Wu

JavaScript is one of the most popular programming languages on the web. Despite the language popularity and the increasing size of JavaScript systems, there is a limited number of visualization tools that can be used by developers to…

Software Engineering · Computer Science 2017-05-17 Marcos Viana , Andre Hora , Marco Tulio Valente

The JavaScript programming language, which began as a simple scripting language for the Web, has become ubiquitous, spanning desktop, mobile, and server applications. This increase in usage has made JavaScript an attractive target for…

Cryptography and Security · Computer Science 2024-10-29 José Miguel Moreno , Narseo Vallina-Rodriguez , Juan Tapiador

The large amount of third-party packages available in fast-moving software ecosystems, such as Node.js/npm, enables attackers to compromise applications by pushing malicious updates to their package dependencies. Studying the npm…

Cryptography and Security · Computer Science 2021-03-11 Gabriel Ferreira , Limin Jia , Joshua Sunshine , Christian Kästner

With the increasing concern for security in the network, many approaches are laid out that try to protect the network from unauthorised access. New methods have been adopted in order to find the potential discrepancies that may damage the…

Cryptography and Security · Computer Science 2014-03-28 Sheetal Bairwa , Bhawna Mewara , Jyoti Gajrani

The area of software development and secure coding can benefit significantly from advancements in virtual assistants. Research has shown that many coders neglect security in favor of meeting deadlines. This shortcoming leaves systems…

Cryptography and Security · Computer Science 2021-05-14 Fitzroy D. Nembhard , Marco M. Carvalho

Over the past three decades, computers have managed to make their way into a majority of households. Due to this enormous transition, the surge in the internets popularity was inevitable. Just like everything else, whatever has a pro also…

Cryptography and Security · Computer Science 2024-09-02 C. Amuthadevi , Sparsh Srivastava , Raghav Khatoria , Varun Sangwan

Web developers routinely rely on third-party Java-Script libraries such as jQuery to enhance the functionality of their sites. However, if not properly maintained, such dependencies can create attack vectors allowing a site to be…

Cryptography and Security · Computer Science 2020-02-17 Tobias Lauinger , Abdelberi Chaabane , Sajjad Arshad , William Robertson , Christo Wilson , Engin Kirda

Software applications integrate more and more open-source software (OSS) to benefit from code reuse. As a drawback, each vulnerability discovered in bundled OSS potentially affects the application. Upon the disclosure of every new…

Cryptography and Security · Computer Science 2025-03-18 Henrik Plate , Serena Elisa Ponta , Antonino Sabetta