Vulnerable and Outdated Components

GPTKB entity

Statements (38)
| Predicate | Object |
| --- | --- |
| gptkbp:instanceOf | OWASP Top 10 risk |
| gptkbp:affects | APIs |
| | Web applications |
| | Mobile applications |
| gptkbp:alsoKnownAs | A06:2021 |
| gptkbp:category | gptkb:software |
| | gptkb:Web_Application_Security |
| | Security Vulnerability |
| gptkbp:citation | https://owasp.org/Top10/A06_2021-Vulnerable_and_Outdated_Components/ |
| gptkbp:describedBy | OWASP Top 10 2021 |
| gptkbp:detects | Vulnerability Scanning |
| | Manual Review |
| | Software Composition Analysis |
| gptkbp:example | Using components with known vulnerabilities |
| | Using outdated libraries |
| | Using unsupported software |
| gptkbp:firstAppearance | OWASP Top 10 2013 |
| gptkbp:formerName | Using Components with Known Vulnerabilities |
| https://www.w3.org/2000/01/rdf-schema#label | Vulnerable and Outdated Components |
| gptkbp:impact | Privilege escalation |
| | Remote code execution |
| | Denial of service |
| | Data breach |
| gptkbp:mitigatedBy | Monitor for vulnerabilities |
| | Regularly update components |
| | Remove unused dependencies |
| | Use trusted repositories |
| gptkbp:partOf | gptkb:OWASP_Top_10 |
| gptkbp:rank | #6 in OWASP Top 10 2021 |
| gptkbp:relatedStandard | CWE-1104 |
| | CWE-829 |
| | CWE-937 |
| gptkbp:riskFactor | Vulnerability Management |
| | Application Security |
| | Software Supply Chain |
| gptkbp:updated | OWASP Top 10 2021 |
| gptkbp:bfsParent | gptkb:OWASP_Top_Ten |
| gptkbp:bfsLayer | 5 |