{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,27]],"date-time":"2025-10-27T12:59:42Z","timestamp":1761569982759,"version":"build-2065373602"},"publisher-location":"New York, NY, USA","reference-count":45,"publisher":"ACM","content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,6,20]]},"DOI":"10.1145\/3755881.3755886","type":"proceedings-article","created":{"date-parts":[[2025,10,27]],"date-time":"2025-10-27T11:46:17Z","timestamp":1761565577000},"page":"1-12","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Towards understanding the security issues of Python programs"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0004-0812-2018","authenticated-orcid":false,"given":"Hongcheng","family":"Fan","sequence":"first","affiliation":[{"name":"Nanjing University, Nanjing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0007-2761-9427","authenticated-orcid":false,"given":"Di","family":"Liu","sequence":"additional","affiliation":[{"name":"Jiangsu Police Institute, Nanjing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0004-3581-6832","authenticated-orcid":false,"given":"Jielun","family":"Wu","sequence":"additional","affiliation":[{"name":"Nanjing University, Nanjing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7477-3642","authenticated-orcid":false,"given":"Yang","family":"Feng","sequence":"additional","affiliation":[{"name":"Nanjing University, Nanjing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8297-8998","authenticated-orcid":false,"given":"Qingkai","family":"Shi","sequence":"additional","affiliation":[{"name":"Nanjing University, 
Nanjing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7743-1296","authenticated-orcid":false,"given":"Baowen","family":"Xu","sequence":"additional","affiliation":[{"name":"Nanjing University, Nanjing, China"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2025,10,27]]},"reference":[{"key":"e_1_3_3_2_2_2","doi-asserted-by":"crossref","unstructured":"Mahmoud Alfadel Diego\u00a0Elias Costa and Emad Shihab. 2023. Empirical analysis of security vulnerabilities in python packages. Empirical Software Engineering 28 3 (2023) 59.","DOI":"10.1007\/s10664-022-10278-4"},{"key":"e_1_3_3_2_3_2","unstructured":"Charles\u00a0Harris Andrew\u00a0Nelson Atsushi\u00a0Sakai. 2023. SciPy. https:\/\/scipy.org\/"},{"key":"e_1_3_3_2_4_2","doi-asserted-by":"publisher","DOI":"10.1145\/3379597.3387513"},{"key":"e_1_3_3_2_5_2","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2016.31"},{"key":"e_1_3_3_2_6_2","volume-title":"Learning flask framework","author":"Copperwaite Matt","year":"2015","unstructured":"Matt Copperwaite and Charles Leifer. 2015. Learning flask framework. Packt Publishing Ltd."},{"key":"e_1_3_3_2_7_2","unstructured":"The\u00a0MITRE Corporation. 2006-2023. CVE. https:\/\/cve.mitre.org\/"},{"key":"e_1_3_3_2_8_2","unstructured":"The\u00a0MITRE Corporation. 2006-2023. CWE Common Weakness Enumeration. https:\/\/cwe.mitre.org\/index.html"},{"key":"e_1_3_3_2_9_2","unstructured":"The\u00a0MITRE Corporation. 2006-2023. CWE Glossary. https:\/\/cwe.mitre.org\/documents\/glossary\/index.html"},{"key":"e_1_3_3_2_10_2","doi-asserted-by":"publisher","DOI":"10.1109\/ISSRE.2019.00041"},{"key":"e_1_3_3_2_11_2","doi-asserted-by":"publisher","DOI":"10.1145\/3643916.3644416"},{"key":"e_1_3_3_2_12_2","unstructured":"CVE. [n. d.]. CVE-2014-0160 Detail. https:\/\/www.cve.org\/CVERecord?id=CVE-2014-0160"},{"key":"e_1_3_3_2_13_2","unstructured":"CVSS. [n. d.]. 
Common Vulnerability Scoring System Version 4.0 Calculator. https:\/\/www.first.org\/cvss\/calculator\/4.0#"},{"key":"e_1_3_3_2_14_2","unstructured":"django. [n. d.]. Django. https:\/\/github.com\/django\/django"},{"key":"e_1_3_3_2_15_2","doi-asserted-by":"crossref","unstructured":"Alexandru Dura Christoph Reichenbach and Emma S\u00f6derberg. 2021. JavaDL: automatically incrementalizing Java bug pattern detection. Proceedings of the ACM on Programming Languages 5 OOPSLA (2021) 1\u201331.","DOI":"10.1145\/3485542"},{"key":"e_1_3_3_2_16_2","first-page":"226","volume-title":"Proceedings of the Second International Conference on Knowledge Discovery and Data Mining (KDD-96), Portland, Oregon, USA","author":"Ester Martin","year":"1996","unstructured":"Martin Ester, Hans-Peter Kriegel, J\u00f6rg Sander, and Xiaowei Xu. 1996. A Density-Based Algorithm for Discovering Clusters in Large Spatial Databases with Noise. In Proceedings of the Second International Conference on Knowledge Discovery and Data Mining (KDD-96), Portland, Oregon, USA, Evangelos Simoudis, Jiawei Han, and Usama\u00a0M. Fayyad (Eds.). AAAI Press, 226\u2013231. http:\/\/www.aaai.org\/Library\/KDD\/1996\/kdd96-037.php"},{"key":"e_1_3_3_2_17_2","doi-asserted-by":"publisher","DOI":"10.1145\/2950290.2950308"},{"key":"e_1_3_3_2_18_2","doi-asserted-by":"crossref","unstructured":"Abram Hindle Earl\u00a0T Barr Mark Gabel Zhendong Su and Premkumar Devanbu. 2016. On the naturalness of software. Commun. ACM 59 5 (2016) 122\u2013131.","DOI":"10.1145\/2902362"},{"key":"e_1_3_3_2_19_2","doi-asserted-by":"crossref","unstructured":"Shin Hong and Moonzoo Kim. 2013. Effective pattern-driven concurrency bug detection for operating systems. Journal of Systems and Software 86 2 (2013) 377\u2013388.","DOI":"10.1016\/j.jss.2012.08.063"},{"key":"e_1_3_3_2_20_2","unstructured":"Paul Jansen. 2025. TIOBE Index for January 2025. 
https:\/\/www.tiobe.com\/tiobe-index\/"},{"key":"e_1_3_3_2_21_2","doi-asserted-by":"publisher","DOI":"10.1145\/1572272.1572283"},{"key":"e_1_3_3_2_22_2","unstructured":"Lo\u00efc\u00a0Est\u00e8ve J\u00e9r\u00e9mie\u00a0du Boisberranger Joris Van den\u00a0Bossche. 2007. scikit-learn. https:\/\/scikit-learn.org\/dev\/index.html"},{"key":"e_1_3_3_2_23_2","doi-asserted-by":"publisher","DOI":"10.5555\/2486788.2486893"},{"key":"e_1_3_3_2_24_2","doi-asserted-by":"publisher","DOI":"10.1145\/3135932.3135941"},{"key":"e_1_3_3_2_25_2","doi-asserted-by":"crossref","unstructured":"Kui Liu Dongsun Kim Tegawend\u00e9\u00a0F Bissyand\u00e9 Shin Yoo and Yves Le\u00a0Traon. 2018. Mining fix patterns for findbugs violations. IEEE Transactions on Software Engineering 47 1 (2018) 165\u2013188.","DOI":"10.1109\/TSE.2018.2884955"},{"key":"e_1_3_3_2_26_2","doi-asserted-by":"publisher","DOI":"10.1109\/SANER.2019.8667970"},{"key":"e_1_3_3_2_27_2","doi-asserted-by":"publisher","DOI":"10.1145\/3106237.3106253"},{"key":"e_1_3_3_2_28_2","doi-asserted-by":"publisher","DOI":"10.1145\/2568225.2568317"},{"key":"e_1_3_3_2_29_2","doi-asserted-by":"publisher","DOI":"10.1109\/ASE.2013.6693078"},{"key":"e_1_3_3_2_30_2","doi-asserted-by":"publisher","DOI":"10.1109\/SEAA60479.2023.00069"},{"key":"e_1_3_3_2_31_2","unstructured":"pallets. [n. d.]. Flask. https:\/\/github.com\/pallets\/flask"},{"key":"e_1_3_3_2_32_2","doi-asserted-by":"crossref","unstructured":"Kai Pan Sunghun Kim and E\u00a0James Whitehead. 2009. Toward an understanding of bug fix patterns. Empirical Software Engineering 14 (2009) 286\u2013315.","DOI":"10.1007\/s10664-008-9077-5"},{"key":"e_1_3_3_2_33_2","volume-title":"USENIX","author":"Provos Niels","year":"1999","unstructured":"Niels Provos and David Mazieres. 1999. Bcrypt algorithm. 
In USENIX."},{"key":"e_1_3_3_2_34_2","doi-asserted-by":"publisher","DOI":"10.5555\/3207760"},{"key":"e_1_3_3_2_35_2","doi-asserted-by":"publisher","DOI":"10.1109\/IWESEP.2018.00013"},{"key":"e_1_3_3_2_36_2","doi-asserted-by":"publisher","DOI":"10.1109\/PST52912.2021.9647791"},{"key":"e_1_3_3_2_37_2","unstructured":"Common Vulnerability\u00a0Scoring System. [n. d.]. Common Vulnerability Scoring System: Specification Document. https:\/\/www.first.org\/cvss\/specification-document"},{"key":"e_1_3_3_2_38_2","doi-asserted-by":"publisher","DOI":"10.53735\/cisse.v11i1.180"},{"key":"e_1_3_3_2_39_2","unstructured":"Huibo Wang Mingshen Sun Qian Feng Pei Wang Tongxin Li and Yu Ding. 2020. Towards memory safe python enclave for security sensitive computation. arXiv preprint arXiv:https:\/\/arXiv.org\/abs\/2005.05996 (2020)."},{"key":"e_1_3_3_2_40_2","doi-asserted-by":"publisher","DOI":"10.1145\/3368089.3417943"},{"key":"e_1_3_3_2_41_2","unstructured":"wikipedia. 2023. Common Vulnerability Scoring System. https:\/\/en.wikipedia.org\/wiki\/Common_Vulnerability_Scoring_System#:\u00a0:text=The%20Common%20Vulnerability%20Scoring%20System%20%28CVSS%29%20is%20a to%20prioritize%20responses%20and%20resources%20according%20to%20threat."},{"key":"e_1_3_3_2_42_2","unstructured":"wikipedia. 2025. Security bug. https:\/\/en.wikipedia.org\/wiki\/Security_bug"},{"key":"e_1_3_3_2_43_2","doi-asserted-by":"crossref","unstructured":"Yilin Yang Tianxing He Yang Feng Shaoying Liu and Baowen Xu. 2022. Mining Python fix patterns via analyzing fine-grained source code changes. Empirical Software Engineering 27 2 (2022) 48.","DOI":"10.1007\/s10664-021-10087-1"},{"key":"e_1_3_3_2_44_2","doi-asserted-by":"crossref","unstructured":"He Ye Matias Martinez Thomas Durieux and Martin Monperrus. 2021. A comprehensive study of automatic program repair on the QuixBugs benchmark. 
Journal of Systems and Software 171 (2021) 110825.","DOI":"10.1016\/j.jss.2020.110825"},{"key":"e_1_3_3_2_45_2","doi-asserted-by":"publisher","DOI":"10.1109\/ASE51524.2021.9678720"},{"key":"e_1_3_3_2_46_2","doi-asserted-by":"publisher","DOI":"10.1109\/ASE51524.2021.9678720"}],"event":{"name":"Internetware 2025: the 16th International Conference on Internetware","sponsor":["SIGSOFT ACM Special Interest Group on Artificial Intelligence"],"location":"Trondheim Norway","acronym":"Internetware 2025"},"container-title":["Proceedings of the 16th International Conference on Internetware"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3755881.3755886","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,27]],"date-time":"2025-10-27T11:46:55Z","timestamp":1761565615000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3755881.3755886"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,6,20]]},"references-count":45,"alternative-id":["10.1145\/3755881.3755886","10.1145\/3755881"],"URL":"https:\/\/doi.org\/10.1145\/3755881.3755886","relation":{},"subject":[],"published":{"date-parts":[[2025,6,20]]},"assertion":[{"value":"2025-10-27","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}