“I’m incentivized to lie to make the CVE [severity] lower because it makes my project look bad, you have to be really, really honest […] I noticed a lot of people like downgrade their CVEs.”

Authors

• Person: Not available Organization: arXiv
  A Mixed-Methods Study of Open-Source Software Maintainers On ...

Sources

• A Mixed-Methods Study of Open-Source Software Maintainers On ... arxiv.org arXiv via serper

Referenced by nodes (1)

• CVE concept