all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

VulLibGen: Identifying Vulnerable Third-Party Libraries via Generative Pre-Trained Model. (arXiv:2308.04662v1 [cs.CR])

Add to bookmarks
Aug. 10, 2023, 1:10 a.m. | Tianyu Chen, Lin Li, Liuchuan Zhu, Zongyang Li, Guangtai Liang, Ding Li, Qianxiang Wang, Tao Xie

cs.CR updates on arXiv.org arxiv.org

To avoid potential risks posed by vulnerabilities in third-party libraries,
security researchers maintain vulnerability databases (e.g., NVD) containing
vulnerability reports, each of which records the description of a vulnerability
and the name list of libraries affected by the vulnerability (a.k.a. vulnerable
libraries). However, recent studies on about 200,000 vulnerability reports in
NVD show that 53.3% of these reports do not include the name list of vulnerable
libraries, and 59.82% of the included name lists of vulnerable libraries are
incomplete or …

databases generative list name nvd party reports researchers risks security security researchers studies third third-party vulnerabilities vulnerability vulnerability reports vulnerable

Visit resource

More from arxiv.org / cs.CR updates on arXiv.org

Why You Should Not Trust Interpretations in Machine Learning: Adversarial Attacks on Partial Dependence Plots 10 hours ago | arxiv.org
adoption adversarial adversarial attacks artificial +22
Sui Lutris: A Blockchain Combining Broadcast and Consensus 10 hours ago | arxiv.org
agreement arxiv blockchain broadcast +12
Jolteon and Ditto: Network-Adaptive Efficient Consensus with Asynchronous Fallback 10 hours ago | arxiv.org
arxiv asynchronous blockchains clear +19
Noisy Measurements Are Important, the Design of Census Products Is Much More Important 10 hours ago | arxiv.org
arxiv asking august call +19
Graphene: Infrastructure Security Posture Analysis with AI-generated Attack Graphs 10 hours ago | arxiv.org
analysis arxiv assessment attack +31
REED: Chiplet-Based Accelerator for Fully Homomorphic Encryption 10 hours ago | arxiv.org
accelerator accelerators address application +14
Evaluation Methodologies in Software Protection Research 10 hours ago | arxiv.org
arms arxiv assets attackers +20
SoK: Rowhammer on Commodity Operating Systems 10 hours ago | arxiv.org
academia access arxiv attacks +17
Quantum cryptographic protocols with dual messaging system via 2D alternate quantum walks and genuine single … 10 hours ago | arxiv.org
alternate arxiv can cond-mat.dis-nn +17

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Associate Manager, BPT Infrastructure & Ops (Security Engineer)

@ SC Johnson | PHL - Makati
View on infosec-jobs.com

Cybersecurity Analyst - Project Bound

@ NextEra Energy | Jupiter, FL, US, 33478
View on infosec-jobs.com

Lead Cyber Security Operations Center (SOC) Analyst

@ State Street | Quincy, Massachusetts
View on infosec-jobs.com

Junior Information Security Coordinator (Internship)

@ Garrison Technology | London, Waterloo, England, United Kingdom
View on infosec-jobs.com

Sr. Security Engineer

@ ScienceLogic | Reston, VA
View on infosec-jobs.com
View more jobs