A manually-curated categorisation of Java Maven libraries along Python PyPI Topics (dataset)

This dataset reports 256 manually-curated open-source Java libraries from Maven Central with high- or critical-severity CVEs. Each library was assigned a category based on its main functionality. Categories mirror the Topic classifier from the Python Package Index (PyPI), allowing cross-language comparisons of libraries with equivalent functionality.
The results of this process are: the protocol designed to interpret sources for category assessment, and arbitrate the results; the sources and metadata, including CVEs, collected for the categorisation; the set of categorised libraries and CVE statistics, including a higher-level classification into Local or Remote network functionalities. This can be used as ground truth for (cross-language, statistical) studies on the libraries from functional and security perspectives.