Common vulnerabilities rated as high or critical severity were found in all of the most popular open-source projects, according to the WhiteSource 2020 annual report, “The State of Open Source Security Vulnerabilities.”
Because more are being found, does not mean more exist. Ones not found worry me more.
A lot of the vulnerabilities I have seen, one needs physical access to exploit. I find that much less worrisome.
I have noticed most vulnerabilities that would effect me personally, the attacker needs physical access to my computer. That does not worry me. I don't know if that is true for most projects, but from what I have read it is true for me.
Report: Open Source Vulnerabilities Rampant in Popular Projects
Posted by: Jack M. Germain March 12, 2020 12:31 PMCommon vulnerabilities rated as high or critical severity were found in all of the most popular open-source projects, according to the WhiteSource 2020 annual report, “The State of Open Source Security Vulnerabilities.”
A lot of the vulnerabilities I have seen, one needs physical access to exploit. I find that much less worrisome.