|
|
|
|
|
|
by ristos
672 days ago
|
|
|
It's probably still a good example. Looking up the CVEs for various search terms: coreutils: 17 results linux kernel: 6752 results x11: 184 results qt: 152 results gtk: 68 results docker: 340 results rust: 455 results python: 940 results node: 110 results javascript: 5657 results firefox: 3268 results chrome: 3763 results safari: 1465 results webkit: 1346 results The large monolithic codebases have a lot more CVEs. I'd also argue that patching a fix on code made up of small, modular parts is much easier to do, and much lower hanging fruit for any casual developer to submit a PR for a fix. |
|
|
Who would've guessed. Also the older ones also got more CVE's than newer ones, even if they aren't that big.