In May 2020, Synopsys released its 2020 Open Source Security and Risk Analysis (OSSRA) report, the fifth edition of the report. It contains open source security and license risk insights and recommendations derived from an analysis of more than 1,250 commercial codebases.
Synopsys reports that 70% of code in examined codebases was open source, that 75% of codebases contained security vulnerabilities, and that 67% of codebases had license conflicts.