Global 500 organizations, collectively, downloaded 2.8 million insecure components in one year. One in three of the most popular components had older, vulnerable versions that were still commonly downloaded. The average enterprise downloads more than 1,000 unique components from the Central Repository each month. A single open source component can be reused in dozens of other components, meaning a flaw in that component will then be inherited by every component that depends on it. The issue is that the open source ecosystem lacks the ongoing relationship between vendor and customer.”]