2023 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER) 2023
DOI: 10.1109/saner56733.2023.00028
|View full text |Cite
|
Sign up to set email alerts
|

On the Effect of Transitivity and Granularity on Vulnerability Propagation in the Maven Ecosystem

Amir M. Mir
1
,
Mehdi Keshani
2
,
Sebastian Proksch
3

Abstract: Reusing software libraries is a pillar of modern software engineering. In 2022, the average Java application depends on 40 third-party libraries. Relying on such libraries exposes a project to potential vulnerabilities and may put an application and its users at risk. Unfortunately, research on software ecosystems has shown that the number of projects that are affected by such vulnerabilities is rising. Previous investigations usually reason about dependencies on the dependency level, but we believe that this … Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...

Citation Types

0
0
0

Year Published

2023
2023
2024
2024

Publication Types

Select...
5

Relationship

0
5

Authors

Journals

citations
Cited by 10 publications
references
References 26 publications
(12 reference statements)
0
0
0
Order By: Relevance

Mitigating Persistence of Open-Source Vulnerabilities in Maven Ecosystem

Zhang,
Liu,
Chen
et al. 2023
2023 38th IEEE/ACM International Conference on Automated Software Engineering (ASE)
6
0
1
0
View full textAdd to dashboardCite

Mitigating Persistence of Open-Source Vulnerabilities in Maven Ecosystem

Zhang,
Liu,
Chen
et al. 2023
2023 38th IEEE/ACM International Conference on Automated Software Engineering (ASE)
6
0
1
0
View full textAdd to dashboardCite

Assessing the Threat Level of Software Supply Chains with the Log Model

Soeiro,
Robert,
Zacchiroli
2023
2023 IEEE International Conference on Big Data (BigData)
0
0
0
0
View full textAdd to dashboardCite

Maven Unzipped: Exploring the Impact of Library Packaging on the Ecosystem

Keshani,
Bot,
Rungta
et al. 2024
2024 IEEE International Conference on Software Maintenance and Evolution (ICSME)
0
0
0
0
View full textAdd to dashboardCite
scite logo

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Product
Browser ExtensionAssistant by sciteCitation Statement SearchReference CheckVisualizationsDashboardsExplore JournalsExplore OrganizationsExplore FundersEmbedding BadgeEmbedding Citation SearchPricing
Resources
BlogHelp & FAQAccessibility StatementAPI TermsFor Universities & GovernmentsFor ResearchersFor PublishersFor Corporate, Pharma & EnterpriseAuthor MarketingBecome an AffiliateGet an organization trial or quotescite Data & Services
About
News & PressCareersRead our PaperCoverage

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

BlogTerms and ConditionsAPI TermsPrivacy PolicyContactCookie PreferencesDo Not Sell or Share My Personal Information

Copyright © 2024 scite LLC. All rights reserved.

Made with 💙 for researchers

Part of the Research Solutions Family.