Context: Coordination is a fundamental tenet of software engineering. Coordination is also required for identifying discovered and disclosed software vulnerabilities with Common Vulnerabilities and Exposures (CVEs). Motivated by recent practical challenges, this paper examines the coordination of CVEs for open source projects through a public mailing list. Objective: The paper observes the historical time delays between the assignment of CVEs on a mailing list and the later appearance of these in the National Vulnerability Database (NVD). Drawing from research on software engineering coordination, software vulnerabilities, and bug tracking, the delays are modeled through three dimensions: social networks and communication practices, trackin...
Common Vulnerabilities and Exposures (CVE) is an international, community-based effort, including in...
Known security vulnerabilities are introduced in software systems as a result of depending on third-...
Collaborative functionality is changing the way information is amassed, refined, and disseminated in...
Reducing the time taken to discover and fix vulnerabilities in open source software projects is incr...
This empirical paper examines the time delays that occur between the publication of Common Vulnerabi...
It is difficult for end-users to judge the risk posed by software security vulnerabilities. This the...
Software vulnerabilities are weaknesses in source code that can be potentially exploited to cause lo...
There is little or no information available on what actually happens when a software vulnerability i...
This empirical paper models three structural factors that are hypothesized to affect the turnaround ...
Software vulnerabilities are the root cause of many computer system security failures. This disserta...
The prevalent usage of open-source software (OSS) has led to an increased interest in resolving pote...
This exploratory empirical paper investigates annual time delays between vulnerability disclosure no...
Software vulnerabilities are the root cause of many computer system security failures. This disser...
Today, digital development is happening at such a high rate that security is not as prioritized as i...
Software security plays a crucial role in the modern world governed by software. And while closed so...