A Large-Scale Empirical Study on the Generalizability of Disclosed Java Library Vulnerability Exploits
Open-source software supply chain security relies heavily on assessing affected versions of library vulnerabilities. While prior studies have leveraged exploits for verifying vulnerability affected versions, they point out a key limitation that exploits are version-specific and cannot be directly...