Of the top-10 high-risk vulnerabilities found in open source components, only two are from 2020 — one is from 2019, three were disclosed in 2018, and the rest were disclosed more than three ...