English
Related papers

Related papers: Why Not Mitigate Vulnerabilities in Helm Charts?

200 papers

Background: Helm is a package manager that allows defining, installing, and upgrading applications with Kubernetes (K8s), a popular container orchestration platform. A Helm chart is a collection of files describing all dependencies,…

Software Engineering · Computer Science 2024-03-15 Francesco Minna , Fabio Massacci , Katja Tuma

Helm has recently been proposed by practitioners as technology to package and deploy complex software applications on top of Kubernetes-based cloud computing platforms. Despite growing popularity, little is known about the individual…

Distributed, Parallel, and Cluster Computing · Computer Science 2019-01-04 Josef Spillner

Deploying an application into a Kubernetes cluster requires sending a manifest file to the cluster's control plane interface. This action is typically performed through a kubectl client which is configured and authorized to communicate with…

Distributed, Parallel, and Cluster Computing · Computer Science 2022-06-16 Michael Howard

With the urgent need to secure supply chains among Open Source libraries, attention has focused on mitigating vulnerabilities detected in these libraries. Although awareness has improved recently, most studies still report delays in the…

Software Engineering · Computer Science 2024-06-18 Ruksit Rojpaisarnkit , Hathaichanok Damrongsiri , Christoph Treude , Ali Ouni , Raula Gaikovina Kula

Ethereum smart contracts are highly powerful, immutable, and able to retain massive amounts of tokens. However, smart contracts keep attracting attackers to benefit from smart contract flaws and Ethereum unexpected behavior. Thus,…

Cryptography and Security · Computer Science 2024-04-10 Wejdene Haouari , Abdelhakim Senhaji Hafid , Marios Fokaefs

Software containers are widely adopted for developing and deploying software applications. Despite their popularity, major security concerns arise during container development and deployment. Software Engineering (SE) research literature…

Software Engineering · Computer Science 2025-12-16 Maha Sroor , Teerath Das , Rahul Mohanani , Tommi Mikkonen

As interconnected systems proliferate, safeguarding complex infrastructures against an escalating array of cyber threats has become an urgent challenge. The increasing number of vulnerabilities, combined with resource constraints, makes…

Cryptography and Security · Computer Science 2025-02-18 Yuning Jiang , Nay Oo , Qiaoran Meng , Hoon Wei Lim , Biplab Sikdar

Many Ethereum smart contracts rely on block attributes such as block.timestamp or blockhash to generate random numbers for applications like lotteries and games. However, these values are predictable and miner-manipulable, creating the Bad…

Cryptography and Security · Computer Science 2026-01-16 Hadis Rezaei , Rahim Taheri , Francesco Palmieri

Smart contracts are software programs featuring both traditional applications and distributed data storage on blockchains. Ethereum is a prominent blockchain platform with the support of smart contracts. The smart contracts act as…

Cryptography and Security · Computer Science 2020-09-18 Purathani Praitheeshan , Lei Pan , Jiangshan Yu , Joseph Liu , Robin Doss

Third-party libraries are essential in software development as they prevent the need for developers to recreate existing functionalities. However, vulnerabilities within these libraries pose significant risks to dependent projects.…

Software Engineering · Computer Science 2025-04-01 Zirui Chen , Xing Hu , Puhua Sun , Xin Xia , Xiaohu Yang

Kubernetes, an open-source platform for automating the deployment, scaling, and management of containerized applications, is widely used for its efficiency and scalability. However, its complexity and extensive configuration options often…

Cryptography and Security · Computer Science 2024-08-08 Eoghan Russell , Kapal Dev

Memory corruption vulnerabilities have been around for decades and rank among the most prevalent vulnerabilities in embedded systems. Yet this constrained environment poses unique design and implementation challenges that significantly…

Cryptography and Security · Computer Science 2020-07-07 Ali Abbasi , Jos Wetzels , Thorsten Holz , Sandro Etalle

Context: Smart contracts are computer programs that are automatically executed on the blockchain. Vulnerabilities in their implementation have led to severe loss of cryptocurrency. Smart contracts become immutable when deployed to the…

Cryptography and Security · Computer Science 2022-03-29 Majd Soud , Grischa Liebel , Mohammad Hamdaqa

Relying on dependency packages accelerates software development, but it also increases the exposure to security vulnerabilities that may be present in dependencies. While developers have full control over which dependency packages (and…

Software Engineering · Computer Science 2023-10-13 Abbas Javan Jafari , Diego Elias Costa , Ahmad Abdellatif , Emad Shihab

Most of the current software security analysis tools assess vulnerabilities in isolation. However, sophisticated software supply chain security threats often stem from cascaded vulnerability and security weakness chains that span dependent…

Software Engineering · Computer Science 2026-01-29 Laura Baird , Armin Moin

Hosting providers play a key role in fighting web compromise, but their ability to prevent abuse is constrained by the security practices of their own customers. {\em Shared} hosting, offers a unique perspective since customers operate…

Container technology, (e.g., Docker) is being widely adopted for deploying software infrastructures or applications in the form of container images. Security vulnerabilities in the container images are a primary concern for developing…

Cryptography and Security · Computer Science 2021-12-24 Mubin Ul Haque , M. Ali Babar

Smart contracts are central to a myriad of critical blockchain applications, from financial transactions to supply chain management. However, their adoption is hindered by security vulnerabilities that can result in significant financial…

Cryptography and Security · Computer Science 2025-09-30 Dalila Ressi , Alvise Spanò , Lorenzo Benetollo , Carla Piazza , Michele Bugliesi , Sabina Rossi

Docker offers an ecosystem that offers a platform for application packaging, distributing, and managing within containers. However, the Docker platform has not yet matured. Presently, Docker is less secured than virtual machines (VM) and…

Cryptography and Security · Computer Science 2023-04-25 Robail Yasrab

Kubernetes is an open-source software for automating management of computerized services. Organizations, such as IBM, Capital One and Adidas use Kubernetes to deploy and manage their containers, and have reported benefits related to…

Cryptography and Security · Computer Science 2020-06-30 Md. Shazibul Islam Shamim , Farzana Ahamed Bhuiyan , Akond Rahman
‹ Prev 1 2 3 10 Next ›