On the Use of Refactoring in Security Vulnerability Fixes: An Exploratory Study on Maven Libraries-Reference-Cited by-同舟云学术

On the Use of Refactoring in Security Vulnerability Fixes: An Exploratory Study on Maven Libraries

Published:2022-06-13 Issue: Volume: Page:
ISSN:
Container-title:The International Conference on Evaluation and Assessment in Software Engineering 2022
language:
Short-container-title:

Author:

Ikegami Ayano¹,Kula Raula Gaikovina¹,Chinthanet Bodin¹,Maeprasart Vittunyuta¹,Ouni Ali²,Ishio Takashi¹,Matsumoto Kenichi¹

Affiliation:

1. Nara Institute of Science and Technology (NAIST), Japan

2. ETS Montreal, University of Quebec, Canada

Funder

Japan Society for the Promotion of Science

Publisher

ACM

Link

https://dl.acm.org/doi/pdf/10.1145/3530019.3535304

Reference40 articles.

1. 2020. The State of the Octoverse | The State of the Octoverse explores a year of change with new deep dives into developer productivity security and how we build communities on GitHub.https://octoverse.github.com/#securing-software. (Accessed on 13/10/2021). 2020. The State of the Octoverse | The State of the Octoverse explores a year of change with new deep dives into developer productivity security and how we build communities on GitHub.https://octoverse.github.com/#securing-software. (Accessed on 13/10/2021).

2. 2021. CVE security vulnerability database. Security vulnerabilities exploits references and more. https://www.cvedetails.com/. (Accessed on 02/24/2021). 2021. CVE security vulnerability database. Security vulnerabilities exploits references and more. https://www.cvedetails.com/. (Accessed on 02/24/2021).

3. 2021. CWE - CWE-352: Cross-Site Request Forgery (CSRF) (4.5). https://cwe.mitre.org/data/definitions/352.html. (Accessed on 15/10/2021). 2021. CWE - CWE-352: Cross-Site Request Forgery (CSRF) (4.5). https://cwe.mitre.org/data/definitions/352.html. (Accessed on 15/10/2021).

4. 2021. CWE - CWE-611: Improper Restriction of XML External Entity Reference (4.5). https://cwe.mitre.org/data/definitions/611.html. (Accessed on 15/10/2021). 2021. CWE - CWE-611: Improper Restriction of XML External Entity Reference (4.5). https://cwe.mitre.org/data/definitions/611.html. (Accessed on 15/10/2021).

5. 2021. CWE - CWE-94: Improper Control of Generation of Code (’Code Injection’) (4.5). https://cwe.mitre.org/data/definitions/94.html. (Accessed on 15/10/2021). 2021. CWE - CWE-94: Improper Control of Generation of Code (’Code Injection’) (4.5). https://cwe.mitre.org/data/definitions/94.html. (Accessed on 15/10/2021).

Cited by 2 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Persisting and Reusing Results of Static Program Analyses on a Large Scale;2023 38th IEEE/ACM International Conference on Automated Software Engineering (ASE);2023-09-11

2. Software Security Measurements: A Survey;2022 International Conference on Intelligent Technology, System and Service for Internet of Everything (ITSS-IoE);2022-12-03