The Secret Life of CVEs

Abstract

The Common Vulnerabilities and Exposures (CVEs) system is a reference method for documenting publicly known information security weaknesses and exposures. This paper presents a study of the lifetime of CVEs in software projects and the risk factors affecting their existence. The study uses survival analysis to examine how features of programming languages, projects, and CVEs themselves impact the lifetime of CVEs. We suggest avenues for future research to investigate the effect of various factors on the resolution of vulnerabilities.

@article{przymus2025_2504.03863,
  title={The Secret Life of CVEs},
  author={Piotr Przymus and Mikołaj Fejzer and Jakub Narębski and Krzysztof Stencel},
  journal={arXiv preprint arXiv:2504.03863},
  year={2025}
}