International Journal For Multidisciplinary Research

E-ISSN: 2582-2160     Impact Factor: 9.24

A Widely Indexed Open Access Peer Reviewed Multidisciplinary Bi-monthly Scholarly International Journal


Weak Links in the Chain: A Quantitative Analysis of Security Flaws in Open Source Projects

Author(s) Ms. Sakshi Bhardwaj, Ms. Soumya Bhardwaj, Prof. Dr. Nitish Kumar
Country India
Abstract This paper presents a quantitative analysis of security vulnerabilities in open-source projects, leveraging large-scale datasets to examine their prevalence, typology, and broader implications. By analysing diverse projects and their dependency structures, we identify recurring weaknesses and assess the effectiveness of detection and mitigation strategies. Our study integrates static application security testing and software composition analysis to capture both inherent code flaws and supply chain risks, while also considering theoretical perspectives from complexity theory and undecidability in assessing vulnerability management. Furthermore, we investigate the impact of project abandonment on long-term security, demonstrating a correlation between maintenance cessation and the persistence of unresolved vulnerabilities. The findings provide actionable insights for developers, maintainers, and security professionals, highlighting best practices for embedding security throughout the software development lifecycle and underscoring the importance of continuous monitoring and proactive risk management in strengthening the resilience of open-source ecosystems.
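The abstract describes combining software composition analysis over dependency structures with a check for abandoned projects, alongside static-analysis findings. The Python script below is added here as an illustration of that kind of pipeline; it is not code from the paper or its authors. It walks the transitive dependency closure of a constructed graph (tolerating a dependency cycle), matches pinned versions against a hypothetical advisory list of "first fixed" versions, flags packages whose last release is older than an assumed 18-month threshold, carries a per-package count standing in for SAST findings, and computes the vulnerability rate among abandoned versus maintained packages. The package names, versions, release dates, advisories and the threshold are all invented for the example.

```python
"""Toy software-composition / abandonment analysis over a constructed
dependency graph. Added illustration only: the data is invented, not the
paper's dataset, and the package names and advisories are hypothetical."""
from dataclasses import dataclass, field
from datetime import date
from typing import Dict, List, Set, Tuple


@dataclass
class Package:
    name: str
    version: str
    last_release: date        # date of the most recent upstream release
    deps: List[str] = field(default_factory=list)
    sast_findings: int = 0    # stand-in for static-analysis findings in this package's own code


# Constructed sample graph (hypothetical packages). "fmt" and "log" depend on
# each other so that the traversal has to tolerate a cycle.
PACKAGES: Dict[str, Package] = {
    "app":        Package("app", "1.0.0", date(2025, 9, 20), ["web", "crypto-lib"]),
    "web":        Package("web", "2.3.1", date(2025, 1, 5), ["parser", "log"]),
    "parser":     Package("parser", "0.9.0", date(2021, 5, 1), [], sast_findings=2),
    "log":        Package("log", "1.4.0", date(2024, 11, 1), ["fmt"], sast_findings=1),
    "fmt":        Package("fmt", "3.0.0", date(2022, 1, 15), ["log"]),
    "crypto-lib": Package("crypto-lib", "1.2.0", date(2020, 8, 10), []),
}

# Constructed advisories: (package, first fixed version). Every earlier
# version is treated as affected, which is how most advisory feeds are consumed.
ADVISORIES: List[Tuple[str, str]] = [
    ("parser", "1.0.0"),
    ("crypto-lib", "1.2.1"),
    ("web", "2.3.0"),      # already fixed in the pinned 2.3.1
]

ABANDONMENT_MONTHS = 18            # assumed threshold; the paper does not fix one
AS_OF = date(2025, 10, 1)          # assumed analysis date


def parse_version(v: str) -> Tuple[int, ...]:
    """Numeric dotted versions only; enough for the example, not full semver."""
    return tuple(int(part) for part in v.split("."))


def transitive_deps(root: str, graph: Dict[str, Package]) -> Set[str]:
    """All packages reachable from root, excluding root itself; cycle-safe DFS."""
    seen: Set[str] = set()
    stack = list(graph[root].deps)
    while stack:
        name = stack.pop()
        if name in seen:
            continue
        seen.add(name)
        stack.extend(graph[name].deps)
    return seen - {root}


def is_vulnerable(pkg: Package, advisories: List[Tuple[str, str]]) -> bool:
    """True if any advisory names this package with a fix newer than the pinned version."""
    return any(name == pkg.name and parse_version(pkg.version) < parse_version(fixed)
               for name, fixed in advisories)


def months_since(d: date, as_of: date) -> int:
    return (as_of.year - d.year) * 12 + (as_of.month - d.month)


def is_abandoned(pkg: Package, as_of: date) -> bool:
    """Crude maintenance proxy: no release for ABANDONMENT_MONTHS or longer."""
    return months_since(pkg.last_release, as_of) >= ABANDONMENT_MONTHS


def exposure_report(root: str, as_of: date,
                    graph: Dict[str, Package] = PACKAGES,
                    advisories: List[Tuple[str, str]] = ADVISORIES) -> dict:
    """SCA-style exposure of root, split by whether each dependency is still maintained."""
    deps = transitive_deps(root, graph)
    vulnerable = {n for n in deps if is_vulnerable(graph[n], advisories)}
    abandoned = {n for n in deps if is_abandoned(graph[n], as_of)}
    code_flaws = {n for n in deps if graph[n].sast_findings > 0}
    maintained = deps - abandoned

    def rate(group: Set[str]) -> float:
        return len(group & vulnerable) / len(group) if group else 0.0

    return {
        "transitive": deps,
        "vulnerable": vulnerable,
        "abandoned": abandoned,
        "code_flaws": code_flaws,
        "vuln_rate_abandoned": rate(abandoned),
        "vuln_rate_maintained": rate(maintained),
    }


if __name__ == "__main__":
    for key, value in exposure_report("app", AS_OF).items():
        print(f"{key}: {value}")
```

On the constructed graph, two of the three abandoned dependencies carry an unfixed advisory while neither maintained one does, which is the shape of the correlation the abstract reports; the numbers here are illustrative, not the paper's. Against real ecosystems the version comparison would need proper semver or PEP 440 parsing and affected-range handling, and the last-release date is only one of several maintenance signals (last commit, issue and pull-request response times) a practitioner would combine.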
Keywords Open-source software security; Vulnerability analysis; Software supply chain risks; Dependency management; Secure software development lifecycle
Field Engineering
Published In Volume 7, Issue 5, September-October 2025
Published On 2025-10-18
DOI https://doi.org/10.36948/ijfmr.2025.v07i05.57871
