Many organizations are still struggling to identify and manage open source risk across their application portfolios, according to the Open Source Security & Risk Analysis (OSSRA) report.
The report says, "while the number of vulnerabilities in open source is small compared to proprietary software, over 7,000 open source vulnerabilities were discovered in 2018 alone. Over 50,000 have emerged over the past two decades."