2020-04-16 00:00:00

Security|Technologybug|Github|NVD|open source|report|software|vulnerability

Unsurprisingly, also open source software has vulnerabilities - here are some trends

Open source software products are often regarded safer and less vulnerable to malicious hacking than propriety software. The principle of showing the actual program code to the world and allowing other people and organizations to run the software is a valid method to discover potential problems. It is always a human who has written the code, however, and we all make mistakes.

Whitesource, an open source license management service, has put together a report that points out the scale of vulnerabilities in open source.

In March 2020, new reported vulnerabilities in open source software increased about 13% from February 2020. The total was 750 new reported cases in March according to the Whitesource report. While the number of discovered problems is not high, this is the amount of new vulnerabilities reported every month. Even with the 13% growth rate, it'll soon be considerably high.

Popular open source software management service Github hosts more than 100 million project repositories. No one knows how many software projects are developed on other services and on individual computers. In this perspective, the number of monthly discovered vulnerabilities is low, perhaps even too low.

The risk evaluation for vulnerabilities has remained relatively constant: 22% are critical, 36% high, 41% medium and 1% low risk problems. It means that the majority (58%) of bugs are in high risk category.

whitesource open source security vulnerability report: problem risk level ratio
Image: Whitesource report April Open Source Security Vulnerabilities Snapshot.

Cross-site scripting is the most common problem. Categorised as CWE-79 ( here is the detailed definition), it is about twice as common as the next two, CWE-200 and CWE-20, both related to interaction with users.

When the legendary computer company Sun introduced new programming language Java to the world more than 20 years ago, the key point that it is the secure tool for the internet era. Well, how about this: PHP, Java, Javascript and C are the four languages with most mentions in open source bug database. Probably this has something to do with the fact that they also happen to be the most used programming languages on the internet, but still.

Whitesource has compiled the monthly open source vulnerability report from NVD ( National Vulnerability Database - a U.S. initiative, but features problem reports from other parts of the world, also from Github) and other sources.

News

2025-07-10 13:26:00

Behavior rules are being documented as town-specific or national-level regulation in European countries, especially in the south where sun seeking tourists may forget that the town belongs to local people who simply want to live in their home town. #travel #Europehttps://klaava.com/nitpickers-travel-journal-behave-or-else-unwritten-cultural-rules-in-europe/


But there are three fortresses on the other side of border.

2025-07-08 16:06:04

But there are three fortresses on the other side of border.


Border town safety net.

2025-07-07 18:24:59

arihak

Border town safety net.


News

2025-07-07 16:16:00

Instead of fumbling with plastic chips, you download a mobile profile directly onto the secure micro-chip already soldered inside most recent phones (think iPhone XR and newer, Google Pixel 3+, Samsung Galaxy S20 series and up). #phone #travelhttps://klaava.com/esim-the-tiny-tech-that-makes-big-adventures-stress-free/


News

2025-07-01 16:15:00

Canyon road is a magnet for cyclists and motorists.#photography #travelphotography #europeflic.kr/p/2rdW4Mfhttps://flic.kr/p/2rdW4Mf


The historic center of Krakow in Poland features castles, churches, palaces ... and tourists.

2025-06-23 13:31:04

The historic center of Krakow in Poland features castles, churches, palaces ... and tourists.


A man with his donkey.

2025-06-19 15:54:21

arihak

A man with his donkey.


News

2025-06-19 15:11:00

An eye-catching place for a painting.#streetphotographyhttps://wordpress.org/photos/photo/9536554ee4/


News

2025-06-15 15:33:00

There are many ways to classify the best countries for road trips, and that is why we are going to take a look at a few different types of ways to select the best here. #roadtrip #Europehttps://klaava.com/which-countries-in-europe-are-the-best-for-road-trips/


News

2025-06-11 16:24:00

Let's go.#streetphotographyflic.kr/p/2r3EuJNhttps://flic.kr/p/2r3EuJN


News

2025-06-04 18:08:00

A #photographer has been using sunglasses with a camera and loudspeakers for 8 months: "I quite enjoy them, and they’ve quickly become my daily wear as far as sunglasses are concerned."https://fstoppers.com/artificial-intelligence/ray-ban-meta-glasses-photographers-perspective-701899


News

2025-06-02 14:42:00

Today, digital nomads recognize the benefits but also risks of their lifestyle. An extensive study among traveling workers reveals the highs and lows of the nomad life. #remotework #digitalnomadhttps://klaava.com/digital-nomads-feel-powered-by-their-lifestyle-but-recognise-inevitable-downsides-as-well/


Aland archipelago

2025-05-30 16:59:41

Aland archipelago


Highway across a swamp.

2025-05-30 11:14:51

arihak

Highway across a swamp.


News

2025-05-26 16:29:00

Flower market, but she is selling fruit trees.#streetphotographyhttps://unsplash.com/photos/TfQ6uYmI9QQ


News

2025-05-22 14:19:00

In Spain, the Balearic government asked influencers to help ease pressure on overcrowded hotspots by promoting less-visited areas. Instead, influencers have unintentionally drawn large crowds of tourists to remote, ecologically sensitive locations. #photography #selfiehttps://petapixel.com/2025/05/21/spanish-islands-ban-influencers-after-4000-tourists-flock-to-tiny-beach-for-selfies/


News

2025-05-18 18:23:00

Most travelers already knew that south Europe is the warm and sunny zone of #Europe, and this ranking confirms it. Spain and Italy have most cities in the top 30, followed by France and Portugal. #travelhttps://klaava.com/sunniest-cities-in-europe/


Popular sight in Sevilla

2025-05-16 17:51:34

Popular sight in Sevilla


News

2025-05-14 16:03:00

Bordeaux is ready for hot summer days.#streetphotographyhttps://pixelfed.social/p/arihak/827854641319295061


Cooling zone.

2025-05-13 12:38:47

arihak

Cooling zone.