English
Related papers

Related papers: Tracking Patches for Open Source Software Vulnerab…

200 papers

This paper is an introductory discussion on the cause of open source software vulnerabilities, their importance in the cybersecurity ecosystem, and a selection of detection methods. A recent application security report showed 44% of…

Cryptography and Security · Computer Science 2022-03-31 Stuart Millar

In open-source software (OSS), software vulnerabilities have significantly increased. Although researchers have investigated the perspectives of vulnerability reporters and OSS contributor security practices, understanding the perspectives…

Software Engineering · Computer Science 2025-02-04 Jessy Ayala , Yu-Jye Tung , Joshua Garcia

Open-source software (OSS) supply chain security has become a topic of concern for organizations. Patching an OSS vulnerability can require updating other dependent software products in addition to the original package. However, the…

Software Engineering · Computer Science 2024-04-19 Cadence Patrick , Kimberly Ruth , Zakir Durumeric

Each year, thousands of software vulnerabilities are discovered and reported to the public. Unpatched known vulnerabilities are a significant security risk. It is imperative that software vendors quickly provide patches once vulnerabilities…

Cryptography and Security · Computer Science 2017-07-26 Benjamin L. Bullough , Anna K. Yanchenko , Christopher L. Smith , Joseph R. Zipkin

Security is a requirement of utmost importance to produce high-quality software. However, there is still a considerable amount of vulnerabilities being discovered and fixed almost weekly. We hypothesize that developers affect the…

Software Engineering · Computer Science 2021-09-14 Sofia Reis , Rui Abreu , Luis Cruz

Bug tracking tools are vital for managing bugs in any open source as well as proprietary commercial projects. Considering the significance of using an appropriate bug tracking tool, we assess the features offered by 31 open source bug…

Software Engineering · Computer Science 2017-06-22 Sai Anirudh Karre , Anveshi Shukla , Y. Raghu Reddy

The Open Source Software movement has been growing exponentially for a number of years with no signs of slowing. Driving this growth is the widespread availability of libraries and frameworks that provide many functionalities. Developers…

Software Engineering · Computer Science 2022-06-22 Stan Zajdel , Diego Elias Costa , Hafedh Mili

This study investigates vulnerabilities in dependencies of sampled open-source software (OSS) projects, the relationship between these and overall project security, and how developers' behaviors and practices influence their mitigation.…

Cryptography and Security · Computer Science 2024-08-27 Janislley Oliveira de Sousa , Bruno Carvalho de Farias , Eddie Batista de Lima Filho , Lucas Carvalho Cordeiro

Easy and mostly free access to the internet has resulted in the growing use of open source software (OSS). However, it is a common perception that closed proprietary software is still superior in areas such as software maintenance and…

Software Engineering · Computer Science 2015-12-01 Arif Raza , Luiz Fernando Capretz , Faheem Ahmed

Open-source software (OSS) has become increasingly more popular across different domains. However, this rapid development and widespread adoption come with a security cost. The growing complexity and openness of OSS ecosystems have led to…

Cryptography and Security · Computer Science 2025-06-17 Seyed Ali Akhavani , Behzad Ousat , Amin Kharraz

Open-Source Projects and Libraries are being used in software development while also bearing multiple security vulnerabilities. This use of third party ecosystem creates a new kind of attack surface for a product in development. An…

Software Engineering · Computer Science 2018-08-15 Lorenzo Neil , Sudip Mittal , Anupam Joshi

Modifications to open-source software (OSS) are often provided in the form of "patch stacks" - sets of changes (patches) that modify a given body of source code. Maintaining patch stacks over extended periods of time is problematic when the…

Software Engineering · Computer Science 2020-09-03 Ralf Ramsauer , Daniel Lohmann , Wolfgang Mauerer

Throughout computer history, it has been repeatedly demonstrated that critical software vulnerabilities can significantly affect the components involved. In the Free/Libre and Open Source Software (FLOSS) ecosystem, most software is…

Software Engineering · Computer Science 2025-02-13 Stefan Tatschner , Michael P. Heinl , Nicole Pappler , Tobias Specht , Sven Plaga , Thomas Newe

All computer programs have flaws, some of which can be exploited to gain unauthorized access to computer systems. We conducted a field study on publicly reported vulnerabilities affecting three open source software projects in widespread…

Software Engineering · Computer Science 2019-12-05 Raul Barbosa , Frederico Cerveira , Luis Goncalo , Henrique Madeira

While open-source software has enabled significant levels of reuse to speed up software development, it has also given rise to the dreadful dependency hell that all software practitioners face on a regular basis. This article provides a…

Software Engineering · Computer Science 2024-11-21 Tom Mens , Alexandre Decan

Many open source software (OSS) projects need more human resources for maintenance, improvements, and sometimes even their survival. These needs allegedly apply even to vital OSS projects that can be seen as being a part of the world's…

Cryptography and Security · Computer Science 2026-05-18 Jukka Ruohonen , Gaurav Choudhary , Adam Alami

Vulnerability detection plays a key role in secure software development. There are many different vulnerability detection tools and techniques to choose from, and insufficient information on which vulnerability detection techniques to use…

Software Engineering · Computer Science 2021-03-10 Sarah Elder

Open Source Software (OSS) security and resilience are worldwide phenomena hampering economic and technological innovation. OSS vulnerabilities can cause unauthorized access, data breaches, network disruptions, and privacy violations,…

Software Engineering · Computer Science 2024-01-17 Nafis Tanveer Islam , Gonzalo De La Torre Parra , Dylan Manual , Murtuza Jadliwala , Peyman Najafirad

Software applications integrate more and more open-source software (OSS) to benefit from code reuse. As a drawback, each vulnerability discovered in bundled OSS potentially affects the application. Upon the disclosure of every new…

Cryptography and Security · Computer Science 2025-03-18 Henrik Plate , Serena Elisa Ponta , Antonino Sabetta

In this paper we discuss the impact of open source on both the security and transparency of a software system. We focus on the more technical aspects of this issue, combining and extending arguments developed over the years. We stress that…

Cryptography and Security · Computer Science 2021-08-23 Jaap-Henk Hoepman , Bart Jacobs
‹ Prev 1 2 3 10 Next ›