The average open source vulnerability is 2.5 years old

According to a report, nearly 75% of commercial codebases assessed for risk contain open source components impacted by high-risk vulnerabilities.

from Cybersecurity News https://ift.tt/AoZd2BT