Code-Based Vulnerability Detection in Node.js Applications: How far are we?

@article{Chinthanet2020CodeBasedVD,
  title={Code-Based Vulnerability Detection in Node.js Applications: How far are we?},
  author={Bodin Chinthanet and Serena Elisa Ponta and H. Plate and Antonino Sabetta and R. Kula and T. Ishio and Kenichi Matsumoto},
  journal={2020 35th IEEE/ACM International Conference on Automated Software Engineering (ASE)},
  year={2020},
  pages={1199-1203}
}
With one of the largest available collection of reusable packages, the JavaScript runtime environment Node.js is one of the most popular programming application. With recent work showing evidence that known vulnerabilities are prevalent in both open source and industrial software, we propose and implement a viable code-based vulnerability detection tool for Node.js applications. Our case study lists the challenges encountered while implementing our Node.js vulnerable code detector. 

Figures, Tables, and Topics from this paper