We gratefully acknowledge support from
the Simons Foundation and member institutions.
Full-text links:

Download:

Current browse context:

cs.SE

Change to browse by:

References & Citations

DBLP - CS Bibliography

Bookmark

(what is this?)
CiteULike logo BibSonomy logo Mendeley logo del.icio.us logo Digg logo Reddit logo ScienceWISE logo

Computer Science > Software Engineering

Title: Challenges of mapping Vulnerabilities and Exposures to Open-Source Packages

Abstract: Much of the current software depends on open-source components, which in turn have complex dependencies on other open-source libraries. Vulnerabilities in open source therefore have potentially huge impacts. The goal of this work is to get a quantitative overview of the frequency and evolution of existing vulnerabilities in popular software repositories and package managers. To this end, we provide an up-to-date overview of the open source landscape and its most popular package managers. We discuss approaches to map entries of the Common Vulnerabilities and Exposures (CVE) list to open-source libraries. Based on this mapping approaches, we show the frequency and distribution of CVE entries with respect to popular programming languages.
Subjects: Software Engineering (cs.SE); Cryptography and Security (cs.CR)
Cite as: arXiv:2206.14527 [cs.SE]
  (or arXiv:2206.14527v1 [cs.SE] for this version)

Submission history

From: Sebastian Neumaier [view email]
[v1] Wed, 29 Jun 2022 10:51:23 GMT (188kb,D)

Link back to: arXiv, form interface, contact.