Assessing Browser Security: A Detailed Study Based on CVE Metrics
This study systematically evaluates the vulnerabilities of modern web browsers using developed indices derived from the CVE database, including <i>I<sub>CVE</sub></i>, <i>I<sub>CVSS</sub></i>, <i>I<sub>R</sub></i> and <i>I...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2025-02-01
|
| Series: | Future Internet |
| Subjects: | |
| Online Access: | https://www.mdpi.com/1999-5903/17/3/104 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1850090782394941440 |
|---|---|
| author | Oleksii Chalyi Kęstutis Driaunys Vytautas Rudžionis |
| author_facet | Oleksii Chalyi Kęstutis Driaunys Vytautas Rudžionis |
| author_sort | Oleksii Chalyi |
| collection | DOAJ |
| description | This study systematically evaluates the vulnerabilities of modern web browsers using developed indices derived from the CVE database, including <i>I<sub>CVE</sub></i>, <i>I<sub>CVSS</sub></i>, <i>I<sub>R</sub></i> and <i>I<sub>T</sub></i>. These indices incorporate metrics such as vulnerability severity and risks, along with browser popularity, to enable a balanced comparison of browser security. The results highlight significant differences in browser security: while Google Chrome and Samsung Internet exhibited lower threat indices, Mozilla Firefox demonstrated consistently higher scores, indicating greater exposure to risks. These observations a slightly contradict widespread opinion. The findings emphasize the importance of timely software updates in mitigating vulnerabilities, as many incidents were linked to outdated browser versions. This study also introduces a robust methodology for assessing browser threats, providing a framework for future research. Potential applications include developing browser-based penetration testing systems to simulate phishing and data extraction scenarios, offering insights into user-specific risks and broader organizational impacts. By combining theoretical analysis with practical implications, this work contributes to advancing browser security and lays the foundation for future applied research in cybersecurity. |
| format | Article |
| id | doaj-art-d1390b09a53643db8ea80c4ce1d6f7fb |
| institution | DOAJ |
| issn | 1999-5903 |
| language | English |
| publishDate | 2025-02-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Future Internet |
| spelling | doaj-art-d1390b09a53643db8ea80c4ce1d6f7fb2025-08-20T02:42:30ZengMDPI AGFuture Internet1999-59032025-02-0117310410.3390/fi17030104Assessing Browser Security: A Detailed Study Based on CVE MetricsOleksii Chalyi0Kęstutis Driaunys1Vytautas Rudžionis2Institute of Social Sciences and Applied Informatics, Vilnius University, Muitines St 8, LT-44280 Kaunas, LithuaniaInstitute of Social Sciences and Applied Informatics, Vilnius University, Muitines St 8, LT-44280 Kaunas, LithuaniaInstitute of Social Sciences and Applied Informatics, Vilnius University, Muitines St 8, LT-44280 Kaunas, LithuaniaThis study systematically evaluates the vulnerabilities of modern web browsers using developed indices derived from the CVE database, including <i>I<sub>CVE</sub></i>, <i>I<sub>CVSS</sub></i>, <i>I<sub>R</sub></i> and <i>I<sub>T</sub></i>. These indices incorporate metrics such as vulnerability severity and risks, along with browser popularity, to enable a balanced comparison of browser security. The results highlight significant differences in browser security: while Google Chrome and Samsung Internet exhibited lower threat indices, Mozilla Firefox demonstrated consistently higher scores, indicating greater exposure to risks. These observations a slightly contradict widespread opinion. The findings emphasize the importance of timely software updates in mitigating vulnerabilities, as many incidents were linked to outdated browser versions. This study also introduces a robust methodology for assessing browser threats, providing a framework for future research. Potential applications include developing browser-based penetration testing systems to simulate phishing and data extraction scenarios, offering insights into user-specific risks and broader organizational impacts. By combining theoretical analysis with practical implications, this work contributes to advancing browser security and lays the foundation for future applied research in cybersecurity.https://www.mdpi.com/1999-5903/17/3/104CVEbrowser threatsinformation securityCVSSEPSSrisk |
| spellingShingle | Oleksii Chalyi Kęstutis Driaunys Vytautas Rudžionis Assessing Browser Security: A Detailed Study Based on CVE Metrics Future Internet CVE browser threats information security CVSS EPSS risk |
| title | Assessing Browser Security: A Detailed Study Based on CVE Metrics |
| title_full | Assessing Browser Security: A Detailed Study Based on CVE Metrics |
| title_fullStr | Assessing Browser Security: A Detailed Study Based on CVE Metrics |
| title_full_unstemmed | Assessing Browser Security: A Detailed Study Based on CVE Metrics |
| title_short | Assessing Browser Security: A Detailed Study Based on CVE Metrics |
| title_sort | assessing browser security a detailed study based on cve metrics |
| topic | CVE browser threats information security CVSS EPSS risk |
| url | https://www.mdpi.com/1999-5903/17/3/104 |
| work_keys_str_mv | AT oleksiichalyi assessingbrowsersecurityadetailedstudybasedoncvemetrics AT kestutisdriaunys assessingbrowsersecurityadetailedstudybasedoncvemetrics AT vytautasrudzionis assessingbrowsersecurityadetailedstudybasedoncvemetrics |