Large scale study of orphan vulnerabilities in the software supply chain,

David Reid, Kristiina Rahkema, James Walden · 2023 · arXiv 7555.361787

2 Pith papers cite this work. Polarity classification is still indexing.

2 Pith papers citing it

representative citing papers

cs.SE · 2026-06-29 · unverdicted · novelty 6.0

Large-scale analysis of 200K PyPI packages identifies 1,361 replicated popular packages, 256 replicated vulnerable packages, and 7 new replicated malicious packages, showing replication as a security threat vector.

Poking Around in the Dark: Why a Shared Understanding of Components Matters

cs.SE · 2026-06-01 · unverdicted · novelty 5.0

Empirical evaluation shows popular SBOM tools miss CIMs across languages, so security-grade SBOMs are not achievable under current definitions.

citing papers explorer

Showing 2 of 2 citing papers.

Uncovering Similar but Different Packages in PyPI and Potential Security Threats cs.SE · 2026-06-29 · unverdicted · none · ref 32
Large-scale analysis of 200K PyPI packages identifies 1,361 replicated popular packages, 256 replicated vulnerable packages, and 7 new replicated malicious packages, showing replication as a security threat vector.
Poking Around in the Dark: Why a Shared Understanding of Components Matters cs.SE · 2026-06-01 · unverdicted · none · ref 65
Empirical evaluation shows popular SBOM tools miss CIMs across languages, so security-grade SBOMs are not achievable under current definitions.

Large scale study of orphan vulnerabilities in the software supply chain,

fields

years

verdicts

representative citing papers

citing papers explorer