Devs spanked for touching vulnerable open-source packages
Developers are sucking buggy open-source programming frameworks off the web, unaware that newer fixed versions exist, according to a new report. Packages of the Google Web Toolkit, the Spring Model View Controller, and Apache's Struts and Xerces have been downloaded millions of times despite the fact that they contain known vulnerabilities, as evidenced by a trawl through the Sonatype.org central repository.