New vulnerabilities in open source packages down 20% compared to last year
2020-06-29 04:30

New vulnerabilities in open source packages were down 20% compared to last year, suggesting that the security of open source packages and containers is heading in a positive direction, according to Snyk.

Across the six popular ecosystems the report examined, fewer new vulnerabilities were reported in 2019 than in 2018. That is a promising finding, but there is still significant room for improvement: slightly less than two-thirds of vulnerabilities still take more than 20 days to remediate.

"This year's report is very encouraging as we are seeing the volume of open source vulnerabilities trending down for the first time in four years. In addition, there are positive trends emerging around the collaboration of development, security and operations teams to address the growing demand for secure application development," said Alyssa Miller, Application Security Advocate, Snyk.

Vulnerability trends

New vulnerabilities were down almost 20% across the most popular ecosystems in 2019.

New vulnerabilities reported in common Linux distributions demonstrate the need for comprehensive monitoring for new vulnerabilities in container images.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/i1yqL1QO1Bs/