HERMES: Using Commit-Issue Linking to Detect Vulnerability-Fixing Commits

Software projects today rely on many third-party libraries, and therefore, are exposed to vulnerabilities in these libraries. When a library vulnerability is fixed, users are notified and advised to upgrade to a new version of the library. However, not all vulnerabilities are publicly disclosed, and...

Full description

Saved in:
Bibliographic Details
Published in2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER) pp. 51 - 62
Main Authors Nguyen-Truong, Giang, Kang, Hong Jin, Lo, David, Sharma, Abhishek, Santosa, Andrew E., Sharma, Asankhaya, Ang, Ming Yi
Format Conference Proceeding
LanguageEnglish
Published IEEE 01.03.2022
Subjects
commit classification
commit-issue link recovery
Computer bugs
Conferences
Libraries
Machine learning
Security
silent fixes
Software
vulnerability curation
Online AccessGet full text

Cover

Be the first to leave a comment!
You must be logged in first