English
Related papers

Related papers: A Quantitative Study of Security Bug Fixes of GitH…

200 papers

Bug triaging for security vulnerabilities is a critical part of software maintenance, ensuring that the most pressing vulnerabilities are addressed promptly to safeguard system integrity and user data. However, the process is…

Developers rely on online tutorials to learn web application security, but tutorial quality varies. We reviewed 132 free security tutorials to examine topic coverage, authorship, and technical depth. Our analysis shows that most tutorials…

Cryptography and Security · Computer Science 2026-03-24 Bhagya Chembakottu , Martin P. Robillard

Software vulnerabilities are commonly exploited as attack vectors in cyberattacks. Hence, it is crucial to identify vulnerable software configurations early to apply preventive measures. Effective vulnerability detection relies on…

Cryptography and Security · Computer Science 2024-12-24 Devesh Sawant , Manjesh K. Hanawal , Atul Kabra

As the number of Common Vulnerabilities and Exposures (CVE) continues to grow exponentially, security teams face increasingly difficult decisions about prioritization. Current approaches using Common Vulnerability Scoring System (CVSS)…

Cryptography and Security · Computer Science 2026-03-05 Naoyuki Shimizu , Masaki Hashimoto

The Common Vulnerability Scoring System (CVSS) is a popular method for evaluating the severity of vulnerabilities in vulnerability management. In the evaluation process, a numeric score between 0 and 10 is calculated, 10 being the most…

Cryptography and Security · Computer Science 2024-05-09 Julia Wunder , Andreas Kurtz , Christian Eichenmüller , Freya Gassmann , Zinaida Benenson

With the urgent need to secure supply chains among Open Source libraries, attention has focused on mitigating vulnerabilities detected in these libraries. Although awareness has improved recently, most studies still report delays in the…

Software Engineering · Computer Science 2024-06-18 Ruksit Rojpaisarnkit , Hathaichanok Damrongsiri , Christoph Treude , Ali Ouni , Raula Gaikovina Kula

Due to the voluntary nature of open source software, it can be hard to find a developer to work on a particular task. For example, some issue reports may be too cumbersome and unexciting for someone to volunteer to do them, yet these issue…

Software Engineering · Computer Science 2019-04-08 Jiayuan Zhou , Shaowei Wang , Cor-Paul Bezemer , Ying Zou , Ahmed E. Hassan

Peer code review locates common coding rule violations and simple logical errors in the early phases of software development, and thus reduces overall cost. However, in GitHub, identifying an appropriate code reviewer for a pull request is…

Software Engineering · Computer Science 2018-07-10 Mohammad Masudur Rahman , Chanchal K. Roy , Jason A. Collins

The paper presents a traceability analysis of how over 84 thousand vulnerabilities have propagated across 28 open source software ecosystems. According to the results, the propagation sequences have been complex in general, although GitHub,…

Software Engineering · Computer Science 2025-09-17 Jukka Ruohonen , Qusai Ramadan

Efficient bug triaging procedures are an important precondition for successful collaborative software engineering projects. Triaging bugs can become a laborious task particularly in open source software (OSS) projects with a large base of…

Software Engineering · Computer Science 2013-03-04 Marcelo Serrano Zanetti , Ingo Scholtes , Claudio Juan Tessone , Frank Schweitzer

Vector database management systems (VDBMSs) play a crucial role in facilitating semantic similarity searches over high-dimensional embeddings from diverse data sources. While VDBMSs are widely used in applications such as recommendation,…

Software Engineering · Computer Science 2025-06-04 Yinglin Xie , Xinyi Hou , Yanjie Zhao , Shenao Wang , Kai Chen , Haoyu Wang

Bugs are inevitable in software development, and their reporting in open repositories can enhance software transparency and reliability assessment. This study aims to extract information from the issue tracking system Jira and proposes a…

Software Engineering · Computer Science 2024-08-01 Hasan Yagiz Ozkan , Poul Einer Heegaard , Wolfgang Kellerer , Carmen Mas-Machuca

Software and systems traceability is widely accepted as an essential element for supporting many software development tasks. Today's version control systems provide inbuilt features that allow developers to tag each commit with one or more…

Software Engineering · Computer Science 2018-04-10 Michael Rath , Jacob Rendall , Jin L. C. Guo , Jane Cleland-Huang , Patrick Maeder

Fixing bugs in large programs is a challenging task that demands substantial time and effort. Once a bug is found, it is reported to the project maintainers, who work with the reporter to fix it and eventually close the issue. However,…

Software Engineering · Computer Science 2025-10-17 Qiushi Wu , Yue Xiao , Dhilung Kirat , Kevin Eykholt , Jiyong Jang , Douglas Lee Schales

In issue tracking systems, each bug is assigned a priority level (e.g., Blocker, Critical, Major, Minor, or Trivial in JIRA from highest to lowest), which indicates the urgency level of the bug. In this sense, understanding bug priority…

Software Engineering · Computer Science 2024-03-11 Zengyang Li , Guangzong Cai , Qinyi Yu , Peng Liang , Ran Mo , Hui Liu

Open-source software projects are foundational to modern software ecosystems, with the Linux kernel standing out as a critical exemplar due to its ubiquity and complexity. Although security patches are continuously integrated into the Linux…

Version Control Systems (VCS) are frequently used to support development of large-scale software projects. A typical VCS repository of a large project can contain various intertwined branches consisting of a large number of commits. If some…

Software Engineering · Computer Science 2017-08-23 Jaroslav Bendik , Nikola Benes , Ivana Cerna

In the past couple of decades, significant research efforts have been devoted to the prediction of software bugs (i.e., defects). In general, these works leverage a diverse set of metrics, tools, and techniques to predict which classes,…

Software Engineering · Computer Science 2024-08-06 Ehsan Mashhadi , Shaiful Chowdhury , Somayeh Modaberi , Hadi Hemmati , Gias Uddin

Mainstream software applications and tools are the configurable platforms with an enormous number of parameters along with their values. Certain settings and possible interactions between these parameters may harden (or soften) the security…

Software Engineering · Computer Science 2020-06-17 Shuvalaxmi Dass , Akbar Siami Namin

Common Vulnerability and Exposure (CVE) records are fundamental to cybersecurity, offering unique identifiers for publicly known software and system vulnerabilities. Each CVE is typically assigned a Common Vulnerability Scoring System…

Cryptography and Security · Computer Science 2025-04-16 Francesco Marchiori , Denis Donadel , Mauro Conti