Almost 80 percent of open source codebases contain at least one vulnerability, report says
Over three quarters (78 percent) of commercial open source codebases contain at least one vulnerability, according to the Open Source Security and Risk Analysis (OSSRA) report by Black Duck at Synopsys.
Data shows that 78 percent of the codebases contained at least one vulnerability, compared to 67 percent in the previous year. In this context, most bugs (54 percent) were classified as high risk.
17 percent of the codebases included in the OSSRA report contained at least one known vulnerability, such as Heartbleed, POODLE, Logjam, FREAK and DROWN, despite the special attention that these bugs have received in the past few years. For example, Heartbleed, a bug that affects the open-source cryptographic library OpenSSL, was found in 4 percent of the scanned codebases.
The report also notes that most codebases with high security risks were detected in internet and software infrastructure apps (67 percent), mobile and internet apps (60 percent), and virtual reality, games, entertainment and media (50 percent).
Furthermore, according to OSSRA, over 5,000 open source vulnerabilities were discovered in 2017, adding up to a total of 40,000 reported since 2000. On the other hand, the number of reported malfunctions increased from 6,400 in 2016 to over 14,700 last year.
The term open source refers to something any user can modify and share because its design is publicly accessible.
source: http://business-review.eu
Photo: dreamstime.com