FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W4384345738> ?p ?o ?g. }

• W4384345738 abstract "Modern software systems are increasingly relying on dependencies from the ecosystem. A recent estimation shows that around 35% of an open-source project's code come from its depended libraries. Unfortunately, open-source libraries are often threatened by various vulnerability issues, and the number of disclosed vulnerabilities is increasing steadily over the years. Such vulnerabilities can pose significant security threats to the whole ecosystem, not only to the vulnerable libraries themselves, but also to the corresponding downstream projects. Many Software Composition Analysis (SCA) tools have been proposed, aiming to detect vulnerable libraries or components referring to existing vulnerability databases. However, recent studies report that such tools often generate a large number of false alerts. Particularly, up to 73.3% of the projects depending on vulnerable libraries are actually safe. Aiming to devise more precise tools, understanding the threats of vulnerabilities holistically in the ecosystem is significant, as already performed by a number of existing studies. However, previous researches either analyze at a very coarse granularity (e.g., without analyzing the source code) or are limited by the study scales. This study aims to bridge such gaps. In particular, we collect 44,450 instances of (CVE, upstream, downstream) relations and analyze around 50 million invocations made from downstream to upstream projects to understand the potential threats of upstream vulnerabilities to downstream projects in the Maven ecosystem. Our investigation makes interesting yet significant findings with respect to multiple aspects, including the reach-ability of vulnerabilities, the complexities of the reachable paths as well as how downstream projects and developers perceive upstream vulnerabilities. We believe such findings can not only provide a holistic understanding towards the threats of upstream vulnerabilities in the Maven ecosystem, but also can guide future researches in this field." @default.
• W4384345738 created "2023-07-15" @default.
• W4384345738 creator A5003031253 @default.
• W4384345738 creator A5005327443 @default.
• W4384345738 creator A5022262922 @default.
• W4384345738 creator A5030261284 @default.
• W4384345738 creator A5069771802 @default.
• W4384345738 creator A5074676946 @default.
• W4384345738 date "2023-05-01" @default.
• W4384345738 modified "2023-09-26" @default.
• W4384345738 title "Understanding the Threats of Upstream Vulnerabilities to Downstream Projects in the Maven Ecosystem" @default.
• W4384345738 cites W2084240154 @default.
• W4384345738 cites W2600915151 @default.
• W4384345738 cites W2620044036 @default.
• W4384345738 cites W2765843494 @default.
• W4384345738 cites W2767231363 @default.
• W4384345738 cites W2796104318 @default.
• W4384345738 cites W2799226481 @default.
• W4384345738 cites W2889097348 @default.
• W4384345738 cites W2899324080 @default.
• W4384345738 cites W2953934237 @default.
• W4384345738 cites W2963321189 @default.
• W4384345738 cites W2963748706 @default.
• W4384345738 cites W2963926786 @default.
• W4384345738 cites W2964080672 @default.
• W4384345738 cites W2997903896 @default.
• W4384345738 cites W3032317978 @default.
• W4384345738 cites W3088691441 @default.
• W4384345738 cites W3089499961 @default.
• W4384345738 cites W3089659633 @default.
• W4384345738 cites W3094949573 @default.
• W4384345738 cites W3106855263 @default.
• W4384345738 cites W3108766814 @default.
• W4384345738 cites W3109179155 @default.
• W4384345738 cites W3121596715 @default.
• W4384345738 cites W3127006109 @default.
• W4384345738 cites W3130085452 @default.
• W4384345738 cites W3138230581 @default.
• W4384345738 cites W3161799213 @default.
• W4384345738 cites W3162867182 @default.
• W4384345738 cites W3175545355 @default.
• W4384345738 cites W3177321543 @default.
• W4384345738 cites W3185514416 @default.
• W4384345738 cites W3195703954 @default.
• W4384345738 cites W4205544737 @default.
• W4384345738 cites W4221145571 @default.
• W4384345738 cites W4223937600 @default.
• W4384345738 cites W4256420017 @default.
• W4384345738 cites W4284673343 @default.
• W4384345738 cites W4312793626 @default.
• W4384345738 cites W1975328502 @default.
• W4384345738 doi "https://doi.org/10.1109/icse48619.2023.00095" @default.
• W4384345738 hasPublicationYear "2023" @default.
• W4384345738 type Work @default.
• W4384345738 citedByCount "0" @default.
• W4384345738 crossrefType "proceedings-article" @default.
• W4384345738 hasAuthorship W4384345738A5003031253 @default.
• W4384345738 hasAuthorship W4384345738A5005327443 @default.
• W4384345738 hasAuthorship W4384345738A5022262922 @default.
• W4384345738 hasAuthorship W4384345738A5030261284 @default.
• W4384345738 hasAuthorship W4384345738A5069771802 @default.
• W4384345738 hasAuthorship W4384345738A5074676946 @default.
• W4384345738 hasConcept C110872660 @default.
• W4384345738 hasConcept C144133560 @default.
• W4384345738 hasConcept C158980903 @default.
• W4384345738 hasConcept C162853370 @default.
• W4384345738 hasConcept C18903297 @default.
• W4384345738 hasConcept C191172861 @default.
• W4384345738 hasConcept C199360897 @default.
• W4384345738 hasConcept C2776207758 @default.
• W4384345738 hasConcept C2777904410 @default.
• W4384345738 hasConcept C31258907 @default.
• W4384345738 hasConcept C38652104 @default.
• W4384345738 hasConcept C41008148 @default.
• W4384345738 hasConcept C86803240 @default.
• W4384345738 hasConcept C95713431 @default.
• W4384345738 hasConceptScore W4384345738C110872660 @default.
• W4384345738 hasConceptScore W4384345738C144133560 @default.
• W4384345738 hasConceptScore W4384345738C158980903 @default.
• W4384345738 hasConceptScore W4384345738C162853370 @default.
• W4384345738 hasConceptScore W4384345738C18903297 @default.
• W4384345738 hasConceptScore W4384345738C191172861 @default.
• W4384345738 hasConceptScore W4384345738C199360897 @default.
• W4384345738 hasConceptScore W4384345738C2776207758 @default.
• W4384345738 hasConceptScore W4384345738C2777904410 @default.
• W4384345738 hasConceptScore W4384345738C31258907 @default.
• W4384345738 hasConceptScore W4384345738C38652104 @default.
• W4384345738 hasConceptScore W4384345738C41008148 @default.
• W4384345738 hasConceptScore W4384345738C86803240 @default.
• W4384345738 hasConceptScore W4384345738C95713431 @default.
• W4384345738 hasLocation W43843457381 @default.
• W4384345738 hasOpenAccess W4384345738 @default.
• W4384345738 hasPrimaryLocation W43843457381 @default.
• W4384345738 hasRelatedWork W2088945351 @default.
• W4384345738 hasRelatedWork W2241146542 @default.
• W4384345738 hasRelatedWork W2348356937 @default.
• W4384345738 hasRelatedWork W2373560751 @default.
• W4384345738 hasRelatedWork W2738872473 @default.
• W4384345738 hasRelatedWork W2765104216 @default.
• W4384345738 hasRelatedWork W2907497901 @default.

• next