The use of open source software is widespread in modern applications, with 70-90% of any piece of modern software including open source code. Open source libraries often build upon other open source libraries, creating a complex tree of dependencies that introduces many layers of code into applications, increasing the risk of vulnerabilities. Many organizations are unprepared to deal with these risks, with 41% having low confidence in their open source software security and 51% lacking an open source security policy. The average application in development contains 49 vulnerabilities and 69 dependencies, and it takes more than double the time to fix vulnerabilities compared to 2018. Understanding the scope of potential vulnerabilities in open source packages is crucial for organizations to build protection against those risks and use open source technology efficiently and safely.