Google today announced it has extended its Open Source Vulnerabilities (OSV) database to incorporate data from additional open source projects, using a unified schema for “describing vulnerabilities precisely.”
The benefits of open source software are widely understood, but concerns around vulnerabilities frequently rear their head. The vast majority of codebases contain at least one known open source vulnerability, while a report this week concluded that more often that not, developers don’t update third-party libraries after including them in their software. That same report noted that 92% of open source library flaws could be easily fixed with a simple update.
Open source software impacts pretty much everyone, everywhere. From small startups to major enterprises, companies rely on community-driven components in most of their applications. So it’s in everyone’s interests to ensure open source software is properly maintained.
Are Password Protectors Safe in 2021?
Open Source Vulnerability Database:
