InfoSec News Nuggets 2/28/2024
Most Commercial Code Contains High-Risk Open Source Bugs Three-quarters (74%) of commercial codebases contain open source components featuring “high-risk” vulnerabilities, according to a new study from Synopsys. The chip design tool company’s ninth annual Open Source Security and Risk Analysis (OSSRA) report analyzed anonymized findings from over 1000 commercial codebase audits in 17 industries. It found that the share featuring high-risk open source bugs – that is, ones that have been actively exploited, have documented proof-of-concept exploits or are…