Open source bugs have soared in the past year

2020-03-16 10:55

Open source bugs have skyrocketed in the last year, according to a report from open source licence management and security software vendor WhiteSource.

The number of open source bugs sat steady at just over 4,000 in 2017 and 2018, the report said, having more than doubled the number of bugs from pre-2017 figures that had never before broken the 2,000 mark.

WhiteSource had some harsh words for the national vulnerability database, which it said only contains 84% of the open source vulnerabilities that exist.

It pointed to GitHub's recently announced Security Lab as a key development in open source bug reporting.

GitHub, which hosts many open source products, has an embedded disclosure process that will encourage project maintainers to report vulnerabilities, it said.

News URL

https://nakedsecurity.sophos.com/2020/03/16/open-source-bugs-have-soared-in-the-past-year/

#opensource