Read Time:35 Second
At a time when almost all software contains open source code, at least one known open source vulnerability was detected in 84% of all commercial and proprietary code bases examined by researchers at application security company Synopsys.
In addition, 48% of all code bases analyzed by Synopsys researchers contained high-risk vulnerabilities, which are those that have been actively exploited, already have documented proof-of-concept exploits, or are classified as remote code execution vulnerabilities.
The vulnerability data — along with information on open source license compliance — was included in Synopsys’ 2023 Open Source Security and Risk Analysis (OSSRA) report, put together by the company’s Cybersecurity Research Center (CyRC).