3 matches found
Vulnerability Identification by Harnessing Inter-Connected Multi-Source Information
The utilization of third-party open-source libraries is widespread in modern software development. Due to the dependency relationships, vulnerabilities within open-source libraries pose significant security threats to downstream software. However, the library vulnerabilities are usually implicitl...
Software Supply Chain Smells: Lightweight Analysis for Secure Dependency Management
Modern software systems heavily rely on third-party dependencies, making software supply chain security a critical concern. We introduce the concept of software supply chain smells as structural indicators that signal potential security risks. We design and evaluate Dirty-Waters, a novel tool for...
Use of wrong Library file directory
Lines of code Vulnerability details Impact Importing the wrong library file path in the Vault Factory contract can pose several risks: Functionality Issues: If you import the wrong library, the functions and features you expect to use may not be available or may behave differently. This can lead ...