all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

VFCFinder: Seamlessly Pairing Security Advisories and Patches. (arXiv:2311.01532v1 [cs.CR])

Add to bookmarks
Nov. 6, 2023, 2:10 a.m. | Trevor Dunlap, Elizabeth Lin, William Enck, Bradley Reaves

cs.CR updates on arXiv.org arxiv.org

Security advisories are the primary channel of communication for discovered
vulnerabilities in open-source software, but they often lack crucial
information. Specifically, 63% of vulnerability database reports are missing
their patch links, also referred to as vulnerability fixing commits (VFCs).
This paper introduces VFCFinder, a tool that generates the top-five ranked set
of VFCs for a given security advisory using Natural Language Programming
Language (NL-PL) models. VFCFinder yields a 96.6% recall for finding the
correct VFC within the Top-5 commits, and …

channel communication database information links missing open-source software patch patches reports security security advisories software tool vulnerabilities vulnerability vulnerability database

Visit resource

More from arxiv.org / cs.CR updates on arXiv.org

Privacy Amplification for Matrix Mechanisms an hour ago | arxiv.org
algorithms amplification analysis art +16
Jailbreak and Guard Aligned Language Models with Only Few In-Context Demonstrations an hour ago | arxiv.org
alignment arxiv context cs.ai +11
FT-Shield: A Watermark Against Unauthorized Fine-tuning in Text-to-Image Diffusion Models an hour ago | arxiv.org
adaptation advancement applications arxiv +15
Are aligned neural networks adversarially aligned? an hour ago | arxiv.org
adversarial align alignment arxiv +17
Data Depth and Core-based Trend Detection on Blockchain Transaction Networks an hour ago | arxiv.org
arxiv assets blockchain blockchains +14
A New Linear Scaling Rule for Private Adaptive Hyperparameter Optimization an hour ago | arxiv.org
account arxiv cost cs.ai +11
RandOhm: Mitigating Impedance Side-channel Attacks using Randomized Circuit Configurations an hour ago | arxiv.org
arxiv attacks can channel +15
An algorithm for forensic toolmark comparisons an hour ago | arxiv.org
address algorithm analysis arxiv +11
Scalable and Adaptively Secure Any-Trust Distributed Key Generation and All-hands Checkpointing an hour ago | arxiv.org
applications arxiv blockchain challenges +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Security Operations Program Manager

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

Sr. Network Security engineer

@ NXP Semiconductors | Bengaluru (Nagavara)
View on infosec-jobs.com

DevSecOps Engineer

@ RP Pro Services | Washington, District of Columbia, United States
View on infosec-jobs.com

Consultant RSSI H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com

TW Senior Test Automation Engineer (Access Control & Intrusion Systems)

@ Bosch Group | Taipei, Taiwan
View on infosec-jobs.com

Cyber Security, Senior Manager

@ Triton AI Pte Ltd | Singapore, Singapore, Singapore
View on infosec-jobs.com
View more jobs