Bytecode-Centric Detection of Known-To-Be-Vulnerable Dependencies in Java Projects
On average, 71% of the code in typical Java projects comes from open-source software OSS dependencies, making OSS dependencies the dominant component of modern software code bases. This high degree of OSS reliance comes with a considerable security risk of adding known security vulnerabilities to...