70 Percent of Mobile, Desktop Apps Contain Open-Source Bugs
Veracode’s annual State of Software Security report has revealed that researchers found 70 percent of applications available online contain at least one security flaw stemming from the use of an open-source library. This can arguably be attributed to a lack of awareness about where and how open-source libraries are being used, which creates security risks. Open-source libraries are free and centralized code repositories that provide a base on which developers build applications.
Veracode’s analysis examined over 350,000 external libraries in 85,000 applications, concluding that the use of open-source libraries in app development is extremely common. These libraries contain bugs that, as with any reused code, can affect hundreds of applications. The report states that the four main libraries representing the majority of these bugs are found in Swift, .NET, Go, and PHP applications.