New White Source Study Sheds Light on Open Source Security RisksNov 26, 2013, 12:00 (0 Talkback[s])
WEBINAR: On-demand Event
Replace Oracle with the NoSQL Engagement Database: Why and how leading companies are making the switch REGISTER >
A recent White Source study of 2,944 software projects with open source components found that 23% had security vulnerabilities. Meanwhile, only 1.3% of the open source libraries with vulnerabilities were updated with the latest version. Ninety-three percent of the vulnerabilities in infected open source libraries had either high or mid-range severity.
"Often, no one is assigned to continually monitor the open source for updates. In our study, 98.7% of the open source libraries with vulnerabilities were not updated. This presents considerable security and business risks for both vendor and customer when the product is shipped," said Rami Sass, Co-Founder and CEO of White Source. "If you don't stay on top of open source updates, you risk missing critical security fixes that are most likely out there," he added.
0 Talkback[s] (click to add your comment)