Understanding vulnerabilities in software supply chains

Yijun Shen, Xiang Gao, Hailong Sun, Yu Guo

Published: 2025, Last Modified: 17 Jan 2026Empir. Softw. Eng. 2025EveryoneRevisionsBibTeXCC BY-SA 4.0

Abstract: Due to the dependency relations among software, vulnerabilities in software supply chains (SSC) may cause more serious security threats than independent software systems. This poses new challenges for ensuring software security including the spread of risks and the increase in maintenance costs.

External IDs:dblp:journals/ese/ShenGSG25