GitHub research suggests there is a need to reduce the time between bug detection and fixes.
Article Link: https://www.zdnet.com/article/open-source-software-security-vulnerabilities-exist-for-over-four-years-before-detection-study/#ftag=RSSbaffb68