{"id":"W3162867182","doi":"10.1109/saner50967.2021.00048","title":"Empirical Analysis of Security Vulnerabilities in Python Packages","year":2021,"lang":"en","type":"article","venue":"","topic":"Advanced Malware Detection Techniques","field":"Computer Science","cited_by":69,"is_retracted":false,"has_abstract":true,"ca_institutions":"Concordia University","funders":"","keywords":"Computer science; Python (programming language); Software security assurance; Software engineering; Secure coding; Software; Software development; Computer security; Reusability; Vulnerability (computing); Ecosystem; Security bug; Software bug; Programming language; Information security; Security service","routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false,"invisible_to_affiliation_only":false},"retraction":null,"screen":null,"direct_labels":[],"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":[],"consensus_categories":[],"category_scores_codex":[0.000210832,0.00006878246,0.0002317804,0.0003072352,0.00001928319,0.000023591,0.0002273249,0.00004731201,0.00008888014],"category_scores_gemma":[0.0001844655,0.00006451541,0.0001022093,0.002311151,0.00003737141,0.0002630526,0.0001908722,0.0001018904,0.000001565156],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.00004080337,"about_ca_system_score_gemma":0.00003966627,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.00006220139,"about_ca_topic_score_gemma":0.0004352427,"domain_scores_codex":[0.9990751,0.0001211027,0.0002351034,0.0002832606,0.0001630078,0.0001224748],"domain_scores_gemma":[0.9990978,0.0001973717,0.00004675526,0.0005005775,0.0001266874,0.00003084211],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"observational","study_design_gemma":"bench_or_experimental","study_design_scores_codex":[0.00004097584,0.001834933,0.5797541,0.0002488755,0.0009944683,0.0003969745,0.02253209,0.007744198,0.02749981,0.2515137,0.002542807,0.104897],"study_design_scores_gemma":[0.0001719407,0.00009883236,0.05549225,0.00001322469,0.00004591628,0.000008527135,0.0006484858,0.0458483,0.808523,0.08709084,0.001778292,0.0002803787],"study_design_candidate":"bench_or_experimental","study_design_consensus":null,"genre_codex":"methods","genre_gemma":"empirical","genre_scores_codex":[0.2276372,0.00006469231,0.7689055,0.000450497,0.00004071636,0.00003816681,0.000002204502,0.0002534103,0.002607676],"genre_scores_gemma":[0.9237339,0.00001687676,0.07592063,0.00014154,0.000005173507,0.000008470017,0.000001440456,0.000002711917,0.0001692461],"genre_candidate":"empirical","genre_consensus":null,"teacher_disagreement_score":0.7810232,"threshold_uncertainty_score":0.2630862,"prediction_status":"machine_predicted_unvalidated"},"machine_scores":{"provisional":true,"baseline":true,"maturity_gate_passed":false,"score_opus":0.01922781589977326,"score_gpt":0.3218216007605468,"score_spread":0.3025937848607735,"validation_status":"score_only:v0-immature-baseline","note":"Baseline scores from an immature model (maturity gate not passed). Scores rank; they never assert a category."}}