Glossary U
1 term starting with U
Using Components with Known Vulnerabilities application-security
Using Components with Known Vulnerabilities (OWASP A06)
This OWASP Top 10 category covers the risk of using software components (libraries, frameworks, OS packages) that have known, unpatched security vulnerabilities. Since open-source components constitute 70-90% of modern application code, a single vulnerable transitive dependency can expose an application to critical attacks. SCA tools and dependency management automation (Dependabot, Renovate) are the primary controls.