{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T17:40:42Z","timestamp":1772041242159,"version":"3.50.1"},"reference-count":28,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/legalcode"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Open J. Comput. Soc."],"published-print":{"date-parts":[[2024]]},"DOI":"10.1109\/ojcs.2024.3422686","type":"journal-article","created":{"date-parts":[[2024,7,3]],"date-time":"2024-07-03T17:43:45Z","timestamp":1720028625000},"page":"368-379","source":"Crossref","is-referenced-by-count":5,"title":["A Taxonomy for Python Vulnerabilities"],"prefix":"10.1109","volume":"5","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-9816-3216","authenticated-orcid":false,"given":"Fr\u00e9d\u00e9ric C. G.","family":"Bogaerts","sequence":"first","affiliation":[{"name":"Department of Informatics Engineering, University of Coimbra, CISUC, DEI, Coimbra, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8376-6711","authenticated-orcid":false,"given":"Naghmeh","family":"Ivaki","sequence":"additional","affiliation":[{"name":"Department of Informatics Engineering, University of Coimbra, CISUC, DEI, Coimbra, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4710-9292","authenticated-orcid":false,"given":"Jos\u00e9","family":"Fonseca","sequence":"additional","affiliation":[{"name":"Department of Informatics Engineering, Polytechnic Institute of Guarda, University of Coimbra, CISUC, Guarda, Portugal"}]}],"member":"263","reference":[{"key":"ref1","article-title":"Tiobe (2024) tiobe index","year":"2024"},{"key":"ref2","article-title":"What are the most secure programming languages?","year":"2023"},{"key":"ref3","article-title":"Guide for conducting risk assessments","year":"2012"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1109\/DSN-W58399.2023.00060"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1109\/32.177364"},{"key":"ref6","article-title":"Common weakness enumeration (CWE)","year":"2023"},{"key":"ref7","article-title":"Owasp top ten","year":"2023"},{"key":"ref8","article-title":"Python CVE security vulnerabilities, versions and detailed reports","year":"2023"},{"key":"ref9","article-title":"CVE security vulnerabilities","year":"2024"},{"key":"ref10","article-title":"Snyk - developer security - develop fast. stay secure. - snyk","year":"2023"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1145\/3475960.3475985"},{"key":"ref13","article-title":"Blacklist calls  bandit documentation"},{"key":"ref14","article-title":"Semgrep","year":"2023"},{"key":"ref15","article-title":"Sonarsource rules","year":"2023"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/2020.acl-main.173"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/2022.acl-long.229"},{"key":"ref18","article-title":"Vaitp","author":"F","year":"2023"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1109\/52.646883"},{"key":"ref20","first-page":"1","article-title":"Classification of defect types in requirements specifications: Literature review, proposal and assessment","volume-title":"Proc. IEEE 6th Iberian Conf. Inf. Syst. Technol.","author":"Margarido","year":"2011"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2006.113"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1109\/dsn.2003.1209922"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1145\/185403.185412"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1002\/smr.2376"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1109\/ISSRE52982.2021.00055"},{"key":"ref26","article-title":"Vaitp","author":"Bogaerts","year":"2023"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/2023.findings-emnlp.637"},{"key":"ref28","first-page":"137","article-title":"The Common Vulnerability Scoring System (CVSS) generations  usefulness and deficiencies","author":"Horvth","year":"2016"},{"key":"ref29","first-page":"1877","article-title":"Language models are few-shot learners","volume":"33","author":"Brown","year":"2020","journal-title":"Adv. Neural Inf. Process. Syst."}],"container-title":["IEEE Open Journal of the Computer Society"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/8782664\/10375894\/10584270.pdf?arnumber=10584270","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,8,4]],"date-time":"2024-08-04T04:02:50Z","timestamp":1722744170000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10584270\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"references-count":28,"URL":"https:\/\/doi.org\/10.1109\/ojcs.2024.3422686","relation":{},"ISSN":["2644-1268"],"issn-type":[{"value":"2644-1268","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024]]}}}