From helpnetsecurity.com
79% percent of the time, third-party libraries are never updated by developers after being included in a codebase – despite the fact that more than two thirds of fixes are minor and non-disruptive to the functionality of even the most complex software applications, Veracode research reveals.