Python ranked fourth with 13%, followed by PHP (11%), Ruby (7%), Java (5%) and Closure Library (4%).
Delphi and Visual Basic were not included in this survey because they are proprietary languages. However, if we consider their popularity then we can assume that they must be relatively safe since so many people use them.
It's important to note that this list does not take into account vulnerabilities that are unknown or unpatched at the time of writing. For example, a vulnerability in Python could exist for several years without being fixed if no one cares enough to report it. The same thing can be said about C. These languages are old and have been around for a long time so it's likely that some problems will have been found and fixed by now.
It's also worth mentioning that the definition of "secure" depends on how you plan to use it. If you're running an open source project on GitHub then there's a good chance that someone else will find and fix any bugs that you miss.
ColdFusion, the most secure language, has six vulnerabilities per slot. Perl has seven vulnerabilities for each slot, whereas PHP had ten. While. NET was responsible for 31% of all vulnerabilities, the research stated that there were more websites developed in. ASP and JSP which are used by many developers instead of. NET, so they got a bad reputation because of this.
When it comes to open source languages, PHP has the highest rate of vulnerabilities. There are about 280 PHP scripts downloaded from the internet every minute. It is estimated that over 3 million new PHP scripts are created each year. This makes PHP one of the most dangerous languages out there. Next is Perl with about 240 instances downloaded per minute. Finally, there are about 20 instances of. JS downloaded per minute.
The number of vulnerabilities in each language decreases as you go down the list. This means that there are more safe languages than unsafe ones. ColdFusion is the only language in this study that earned a perfect score. It had no vulnerabilities at all. No other language came close. ASP and JSP were found to have a high rate of security problems because many people use them without knowing how to code properly. A lot of websites that get hacked use outdated scripts that come with known security issues. If you want to make sure that your website is secure, then you should hire an expert to do the coding for you.
Similarly, while Ruby looks to be more safe than Java, this might be due to the language's young and specialised usage. According to WhiteSource, there has been a "significant increase in the number of known open source security vulnerabilities across all languages over the last two years."
Furthermore, both languages have their advantages and disadvantages, which are well-succesful in different environments. Java is generally used when maximum performance is required, whereas Ruby is ideal for web applications that need to handle large amounts of data quickly.
In conclusion, neither Java nor Ruby are more secure than the other. It is important to select the right tool for the right job. If you need maximum security, use a closed source language like C/C++. If speed is your main concern, go with an open source language like PHP or Python.