"Open Source Flaws Found in 84% of Codebases"

According to researchers at Synopsys, more than four out of five (84%) codebases contain at least one known open source vulnerability, almost a 4% increase compared to last year. The researchers also found a 163% growth in the edtech sector’s adoption of open source, followed by the aerospace, aviation, automotive, transportation, and logistics sectors (97%) and manufacturing and robotics (74%). They stated that the key to managing open source risk at the speed of modern development is maintaining complete visibility of application contents. By building this visibility into the application lifecycle, businesses can arm themselves with the information needed to make informed, timely decisions regarding risk resolution.

High-risk flaws have grown substantially over the last five years, since 2019, particularly in the retail and e-commerce sectors (557%). Further, Synopsys found that 31% of codebases rely on open source with no discernible license or with customized licenses, a 55% increase from last year, and that 91% of the audited codebases contained outdated versions of open source components. The researchers noted that organizations leveraging any type of third-party software should rightfully assume that it includes open source.

 

Infosecurity reports: "Open Source Flaws Found in 84% of Codebases"

Submitted by Anonymous on