The number of vulnerabilities in open source projects surged almost 50 per cent in 2019, according to security biz WhiteSource, which can be seen as good news in the sense that you don’t find what you’re not looking for.
In its annual vulnerability report, the biz attributes the growing vulnerability count with increased awareness of open source security. That’s a consequence of widespread adoption of open source components and the overall growth of the community in recent years, not to mention media attention of data exposure. In other words, the bugs were always there but they’re more visible because we’re paying closer attention.
[Source: The Register]