Dataset: Security vulnerabilities in open-source reused systems

Dataset

Gkortzis, A. (Creator), Feitosa, D. (Creator), Spinellis, D. (Creator), University of Groningen, 3-Nov-2019

DOI: https://doi.org/10.5281/zenodo.2566054, https://github.com/AntonisGkortzis/Vulnerabilities-in-Reused-Software

Dataset

Links

https://github.com/AntonisGkortzis/Vulnerabilities-in-Reused-Software Scripts

DOI

https://doi.org/10.5281/zenodo.2566054

Antonios Gkortzis (Creator)
Daniel Feitosa (Creator)
Diomidis Spinellis (Creator)

Description

This dataset comprise 2017 Java projects. It contains information related to their external dependencies and its potential and disclosed security vulnerabilities.
The potential vulnerabilities were detected with the use of the SpotBugs static analyzer tool, while the disclosed ones with the use of OWASP Dependency Check tool.
This dataset was generated during a research effort to correlate software reuse to security vulnerabilities.
The scripts for reproducing the dataset and analyzing it are available on GitHub under this link [https://github.com/AntonisGkortzis/Vulnerabilities-in-Reused-Software].

Date made available	3-Nov-2019
Publisher	University of Groningen

Access to the dataset	Open
Contact	researchdata@rug.nl

Keywords on Datasets

Security, open source, Java, OWASP Dependency Check, SpotBugs static analyzer

Related Publications

A Double-Edged Sword? Software Reuse and Potential Security Vulnerabilities
Gkortzis, A., Feitosa, D. & Spinellis, D., 2019, (Accepted/In press) Proceedings of the 18th International Conference on Software and Systems Reuse (ICSR '19). 16 p.
Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review