[PUBLICATION] ARVO: Atlas of Reproducible Vulnerabilities for Open Source Software
We introduce ARVO: an Atlas of Reproducible Vulnerabilities in Open-source software. Sourcing vulnerabilities from C/C++ projects that Google’s OSS-Fuzz discovered, we successfully reproduce more than 9,000 memory vulnerabilities across over 250 projects, each with a triggering input, the canonical patch, and the ability to automatically reproduce the project from source.
ResearchLLMSecurity