Code-Based Vulnerability Detection in Node.js Applications: How far are we?

With one of the largest available collection of reusable packages, the JavaScript runtime environment Node.js is one of the most popular programming application. With recent work showing evidence that known vulnerabilities are prevalent in both open source and industrial software, we propose and imp...

Full description

Saved in:
Bibliographic Details
Published in:2020 35th IEEE/ACM International Conference on Automated Software Engineering (ASE) pp. 1199 - 1203
Main Authors: Chinthanet, Bodin, Ponta, Serena Elisa, Plate, Henrik, Sabetta, Antonino, Kula, Raula Gaikovina, Ishio, Takashi, Matsumoto, Kenichi
Format: Conference Proceeding
Language:English
Published: ACM 01.09.2020
Subjects:
Code-based
Complexity theory
Detectors
Node.js
Programming
Runtime environment
Software
Software Dependencies
Software engineering
Vulnerability Detection
ISSN:2643-1572
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:With one of the largest available collection of reusable packages, the JavaScript runtime environment Node.js is one of the most popular programming application. With recent work showing evidence that known vulnerabilities are prevalent in both open source and industrial software, we propose and implement a viable code-based vulnerability detection tool for Node.js applications. Our case study lists the challenges encountered while implementing our Node.js vulnerable code detector.
ISSN:2643-1572
DOI:10.1145/3324884.3421838