NewsReport: 88% of Java Apps Include Vulnerable Open Source Code

Report: 88% of Java Apps Include Vulnerable Open Source Code content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

According to a new report from Veracode, which is owned by CA Technologies, 88 percent of Java apps include at least one open source component with a known security vulnerability. In addition, 53.3 percent of Java apps use a version of the Commons Collections components that has a security bug.

“The universal use of components in application development means that when a single vulnerability in a single component is disclosed, that vulnerability now has the potential to impact thousands of applications — making many of them breachable with a single exploit,” said Chris Wysopal, CTO of Veracode.

The company recommends that enterprise application development teams keep an up-to-date list of which Java components their apps rely on.

View article

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends & analysis

Latest Posts

Related Stories