NewsReport: 88% of Java Apps Include Vulnerable Open Source Code

Report: 88% of Java Apps Include Vulnerable Open Source Code

Developer.com content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

According to a new report from Veracode, which is owned by CA Technologies, 88 percent of Java apps include at least one open source component with a known security vulnerability. In addition, 53.3 percent of Java apps use a version of the Commons Collections components that has a security bug.

“The universal use of components in application development means that when a single vulnerability in a single component is disclosed, that vulnerability now has the potential to impact thousands of applications — making many of them breachable with a single exploit,” said Chris Wysopal, CTO of Veracode.

The company recommends that enterprise application development teams keep an up-to-date list of which Java components their apps rely on.

View article

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends & analysis

Latest Posts

Related Stories