Abstract: For a vulnerability reported as an item of platforms such as CVE or NVD, software maintainers need to submit patches (in the form of code commit) to fix it, which is often performed silently ...