This research represents my first independently completed scientific endeavor during my doctoral studies. The dataset was made publicly available in 2022, and recently, several researchers have expressed interest in reproducing the code. As a result, I have decided to open-source the code associated with the paper.
Open source the code and data from our paper 'VERJava: Vulnerable Version Identification for Java OSS with a Two-Stage Analysis (ICSME 2022)'
In light of the prevalent inaccuracies and omissions in version ranges within existing vulnerability databases such as NVD, we have provided VERJava, an automated tool for assessing the actual impact versions of vulnerabilities within given Java CVE.
We have made the dataset openly available, and at the time of its release in 2022, https://github.com/sunSUNQ/VERJava_Dataset, it was the sole dataset in the industry to encompass vulnerability impact version ranges. The annotation of this dataset required significant time and human resources, and we have chosen to open-source it as a contribution to the open-source community.