Veracode has published the eleventh volume of its annual report, State of Software Security, and its findings reveal that buggy apps are the norm, open source libraries are becoming less reliable, and it is taking a long time to fix the problems.
The report found that 76% of applications contained flaws, and 24% of applications have flaws considered very serious.
Around 70% of applications inherit security flaws from their open source libraries, but it is important to note that only 30% of applications have more security flaws in their open source libraries than in internally written code, which suggests that open source projects are not the only ones to blame.
According to this report, the programming language with the greatest security flaws is PHP.
You can see the full report at the following link.