---

New White Source Study Sheds Light on Open Source Security Risks

A recent White Source study of 2,944 software projects with open source components found that 23% had security vulnerabilities. Meanwhile, only 1.3% of the open source libraries with vulnerabilities were updated with the latest version. Ninety-three percent of the vulnerabilities in infected open source libraries had either high or mid-range severity.

“Often, no one is assigned to continually monitor the open source for updates. In our study, 98.7% of the open source libraries with vulnerabilities were not updated. This presents considerable security and business risks for both vendor and customer when the product is shipped,” said Rami Sass, Co-Founder and CEO of White Source. “If you don’t stay on top of open source updates, you risk missing critical security fixes that are most likely out there,” he added.

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis