Empirical Software Engineering23(1), 384–417 (2018)

Kula, R · 2018 · DOI 10.1007/s10664-017-9521-5

2 Pith papers cite this work. Polarity classification is still indexing.

2 Pith papers citing it

open at publisher browse 2 citing papers

citation-role summary

background 2

citation-polarity summary

background 2

representative citing papers

Correct Code, Vulnerable Dependencies: A Large Scale Measurement Study of LLM-Specified Library Versions

cs.SE · 2026-05-07 · conditional · novelty 8.0

LLMs frequently specify library versions with known CVEs in generated code (36-56% of tasks), show low compatibility (20-63%), and converge on the same risky versions across models.

Hidden Dependencies and Component Variants in SBOM-Based Software Composition Analysis

cs.SE · 2026-04-23 · unverdicted · novelty 5.0

Hidden dependencies and component variants in SBOMs cause inconsistent vulnerability reporting and VEX handling across scanners.

citing papers explorer

Showing 2 of 2 citing papers.

Correct Code, Vulnerable Dependencies: A Large Scale Measurement Study of LLM-Specified Library Versions cs.SE · 2026-05-07 · conditional · none · ref 29
LLMs frequently specify library versions with known CVEs in generated code (36-56% of tasks), show low compatibility (20-63%), and converge on the same risky versions across models.
Hidden Dependencies and Component Variants in SBOM-Based Software Composition Analysis cs.SE · 2026-04-23 · unverdicted · none · ref 24
Hidden dependencies and component variants in SBOMs cause inconsistent vulnerability reporting and VEX handling across scanners.

Empirical Software Engineering23(1), 384–417 (2018)

citation-role summary

citation-polarity summary

fields

years

verdicts

roles

polarities

representative citing papers

citing papers explorer