A lack of awareness about where and how open-source libraries are being used is problematic, researchers say.

A full 70 percent of applications being used today have at least one security flaw stemming from the use of an open-source library.

According to Veracode’s annual State of Software Security report, these open-source libraries – free, centralized code repositories that provide ready-made application “building blocks” for developers – are not only ubiquitous but also risky.

The analysis examined 351,000 external libraries in 85,000 applications and found that open-source libraries are extremely common. For instance, most JavaScript applications contain hundreds of open-source libraries – some have more than 1,000 different libraries. In addition, most languages feature the same set of core libraries.

70 Percent of Mobile, Desktop Apps Contain Open-Source Bugs