Reports

The 2021 State of Open Source Vulnerabilities

Open source is everywhere. It comprises around 90% of the components of modern applications, and is used by developers across a wide range of industries. Unfortunately, as open source usage has increased, so too have vulnerabilities within open source code.

In this report, we’ll take an in-depth look at today’s open source vulnerability landscape, including areas like:

Common vulnerabilities
The distribution of vulnerabilities across popular languages
Longitudinal trends in vulnerabilities over several years
The most prevalent CWEs in each language
Libraries with the most vulnerabilities
Best practices to keep your organization’s software free of vulnerabilities

ABOUT FOSSA

Up to 90% of any piece of software is from open source, creating countless dependencies and areas of risk to manage. FOSSA is the most reliable automated policy engine for security management, license compliance, and code quality across the open source stack.

With FOSSA, engineering, security, and legal teams all get complete and continuous risk mitigation for the entire software supply chain, integrated into each of their existing workflows.

FOSSA enables organizations like Slack, Snapchat, Okta, Puppet, Epic Games, and UiPath to manage their open source at scale and drive continuous innovation.

The 2021 State of Open Source Vulnerabilities

Thank you for your interest!

Check out these Resources

The 2021 State of Open Source Vulnerabilities

Thank you for your interest!

Check out these Resources

The State of Vulnerabilities in Linux Distributions

The 2022 State of Open Source Vulnerabilities

Software Composition Analysis

Software Composition Analysis: Elements of an Effective Solution