View article

Software vulnerabilities are one of the leading causes of the loss of confidential data resulting in financial damages in the industry. As a result, software companies strive to discover potential vulnerabilities before the software is deployed. While traditionally, software metrics have been widely used to uncover vulnerabilities, more recent studies have been looking at code smells to detect vulnerabilities. This preliminary study explores the relationship between smells, design issues, and software vulnerabilities. As smells and design issues are indicators of potential problems in the software, establishing a relationship with vulnerabilities can be helpful for vulnerability prediction. In this study, we analyzed 561 versions of nine open-source software by exploring the smells and design issues in the vulnerable and non-vulnerable classes. We found that some smells and design issues have a statistically …