论文标题
Node.js应用程序中基于代码的漏洞检测:我们有多远?
Code-based Vulnerability Detection in Node.js Applications: How far are we?
论文作者
论文摘要
JavaScript运行时环境Node.js是最大可重复使用的软件包的最大收藏集合之一,是最受欢迎的编程应用程序之一。最近的工作表明,在开源和工业软件中,已知漏洞都普遍存在,我们建议并实施了针对Node.js应用程序的可行的基于代码的漏洞检测工具。我们的案例研究列出了实施Node.js脆弱的代码检测器时遇到的挑战。
With one of the largest available collection of reusable packages, the JavaScript runtime environment Node.js is one of the most popular programming application. With recent work showing evidence that known vulnerabilities are prevalent in both open source and industrial software, we propose and implement a viable code-based vulnerability detection tool for Node.js applications. Our case study lists the challenges encountered while implementing our Node.js vulnerable code detector.
