An analysis of more than five million open-source software packages published by Lineaje, a provider of a platform for tracking open-source software components, finds 95% of security issues involve some type of open-source software package dependency, with more than half (51%) of the vulnerabilities discovered having no known existing fix available.