86% of enterprise codebases contain open source vulnerabilities
Briefly

Open source vulnerabilities pose a significant threat to enterprises: 86% of audited codebases contain at least one, according to Black Duck's annual security report. Of the codebases with vulnerabilities, 81% contain at least one rated high or critical, up from 74% the previous year. The depth of modern dependency trees makes it hard for developers to track which components they actually ship, let alone remediate them. Outdated dependencies are also widespread: 91% of codebases contain components that are behind their current release, which often blocks compliance with software supply chain requirements such as producing an accurate software bill of materials. The report attributes the rise in high-severity findings partly to the growth of web-based applications that depend heavily on client-side libraries such as jQuery.
Security vulnerabilities in open source components continue to threaten enterprises; the report finds that 86% of codebases contain them, and most of those codebases carry at least one high- or critical-severity issue.
Development organizations struggle to track their many direct and transitive dependencies, and as a result remediation of these vulnerabilities is often not prioritized.
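The tracking problem described above is mostly a transitive-dependency problem: a vulnerable library is usually pulled in by something the developer chose, not chosen directly. The script below is an added illustration, not code from the report or from ITPro. It walks a constructed npm-style lockfile (package-lock.json v3 shape, trimmed to the fields it reads), records the chain of parents through which every package arrived, and flags installed versions that fall inside a constructed advisory range. The package names, versions and advisory ranges are made up for the example and are not taken from any advisory database.

```python
"""Inventory the transitive dependency tree from a lockfile and flag
packages whose installed version falls inside a known-affected range.

Constructed example: the lockfile and advisory list are illustrative
and are not real package, version or advisory data."""
import json
from typing import Dict, List, Tuple

# Constructed lockfile (package-lock.json v3 shape). "packages" maps an
# install path to its resolved version and declared dependencies; the
# root entry "" lists the application's direct dependencies.
LOCKFILE_JSON = """
{
  "name": "example-app",
  "lockfileVersion": 3,
  "packages": {
    "": {"dependencies": {"web-ui": "^2.0.0", "logger": "^1.4.0"}},
    "node_modules/web-ui": {"version": "2.3.1",
        "dependencies": {"jquery": "^3.3.0"}},
    "node_modules/jquery": {"version": "3.3.1"},
    "node_modules/logger": {"version": "1.4.2",
        "dependencies": {"ansi-fmt": "^0.9.0"}},
    "node_modules/ansi-fmt": {"version": "0.9.4"}
  }
}
"""

# Constructed advisories as (package, introduced, fixed): a version v is
# affected when introduced <= v < fixed. Illustrative ranges only.
ADVISORIES = [
    ("jquery", "1.0.0", "3.5.0"),
    ("ansi-fmt", "0.0.0", "1.0.0"),
]


def parse_version(v: str) -> Tuple[int, ...]:
    """Turn 'MAJOR.MINOR.PATCH' into a comparable tuple, ignoring any
    pre-release suffix ('1.2.3-beta' -> (1, 2, 3))."""
    core = v.split("-", 1)[0]
    return tuple(int(part) for part in core.split("."))


def is_affected(version: str, introduced: str, fixed: str) -> bool:
    v = parse_version(version)
    return parse_version(introduced) <= v < parse_version(fixed)


def package_name(path: str) -> str:
    # "node_modules/foo" -> "foo"; nested paths keep the last segment.
    return path.rsplit("node_modules/", 1)[-1]


def dependency_paths(packages: Dict[str, dict]) -> Dict[str, List[str]]:
    """Walk from the root entry and record, for each installed package,
    the chain of parents that pulled it in. A package reached twice
    (diamond dependency or cycle) keeps its first path."""
    entries = {package_name(p): e for p, e in packages.items() if p}
    paths: Dict[str, List[str]] = {}

    def walk(name: str, chain: List[str]) -> None:
        if name in paths:
            return
        paths[name] = chain + [name]
        for dep in entries.get(name, {}).get("dependencies", {}):
            walk(dep, chain + [name])

    for direct in packages[""].get("dependencies", {}):
        walk(direct, [])
    return paths


def find_vulnerable(lock_text: str, advisories) -> List[Tuple[str, str, str, str]]:
    """Return (package, installed_version, path, fixed_in) for every
    installed package inside an advisory's affected range."""
    packages = json.loads(lock_text)["packages"]
    versions = {package_name(p): e["version"] for p, e in packages.items() if p}
    paths = dependency_paths(packages)
    findings = []
    for name, introduced, fixed in advisories:
        if name in versions and is_affected(versions[name], introduced, fixed):
            findings.append((name, versions[name], " > ".join(paths[name]), fixed))
    return findings


if __name__ == "__main__":
    for name, version, path, fixed in find_vulnerable(LOCKFILE_JSON, ADVISORIES):
        print(f"{name}@{version} (fixed in {fixed}) reached via {path}")
```

Neither flagged package is a direct dependency of the application, which is the point: without the recorded path a developer sees only "web-ui" and "logger" in their manifest and has no obvious owner for the fix. A real SBOM or SCA pipeline replaces the constructed advisory list with a feed from a vulnerability database and the lockfile with the one checked into the repository.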
Read at ITPro