Top 5 open-source components & their vulnerabilities
Part and parcel with the boom in open-source component usage, there has been a 742% average annual increase in software supply chain attacks over the past three years, according to a State of the Software Supply Chain report.
In terms of open-source components, software dependencies can equal open-source vulnerabilities. Sonatype research found that 6 out of every 7 project vulnerabilities come from transitive dependencies.
To empower your developers in leveraging open-source components while mitigating risk, read this white paper. Inside, Sonatype evaluates the top 5 open-source components, their vulnerabilities, and remediation recommendations.