Visa Inc.
OPEN SOURCE VULNERABILITY REMEDIATION TOOL

Abstract:

A method and system for remediating vulnerable code libraries, including open source libraries, in a software application are disclosed. An application that uses code libraries and information regarding known library vulnerabilities is received, then it can be determined if one or more libraries in the application is vulnerable based upon the information. For each of the one or more vulnerable libraries a library version that minimizes risk is determined. The determined library version is incorporated into the application to form a test application, and an application test is performed on the test application. If the application test is below a predetermined threshold, the determined library version is incorporated into a final application precursor. A final application can be determined from the final application precursor for each vulnerable library.