Watch out your dependencies!

Up to 40% of all packages depend on code with at least one publicly known vulnerability.