Before you can understand something, you need to measure it. Google is introducing a way to measure security errors across open-source software programs.
Article Link: Google rolls out a unified security vulnerability schema for open-source software | ZDNet