The xz-utils incident involved a maintainer who had joined the project two years prior maliciously introducing a vulnerability into the software, highlighting the challenges of vulnerability management and supply chain mistrust.

Authors

• Person: Not available Organization: arXiv
  A Mixed-Methods Study of Open-Source Software Maintainers On ...

Sources

• A Mixed-Methods Study of Open-Source Software Maintainers On ... arxiv.org arXiv via serper

Referenced by nodes (1)

• vulnerability management concept