Known Vulnerabilities of Open Source Projects: Where Are the Fixes?

Abstract

Every day, developers face the daunting task of tracing vulnerabilities back through a morass of commits. In this article, we report on experience with Prospector, an industrial open source tool, in supporting developers in this task.

Publication
IEEE Security and Privacy