Introduction to A09: Components with Known Vulnerabilities
Components with Known Vulnerabilities, listed as A09 in the OWASP Top 10 for 2017, refers to the use of libraries, frameworks, and other software modules with publicly known security flaws. Applications often rely on third-party components, and if these are outdated or unpatched, attackers can exploit their weaknesses to compromise systems. Many vulnerabilities are well-documented and easily discoverable, making unpatched components a major risk. To reduce exposure, organizations should track their dependencies, keep them updated, use tools to detect known issues, and remove unused components from the application environment.
OWASP A09:2017 Components with Known Vulnerabilities
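As an added illustration of the advice above to track dependencies and use tooling to detect known issues (this is example code, not from the original page or from OWASP), the sketch below audits a pinned dependency manifest against an advisory list. The package names, advisory IDs, manifest contents and the simple "vulnerable below the fixed version" model are all constructed assumptions.

```python
import re

# Constructed advisory feed: hypothetical packages and IDs, not real advisories.
ADVISORIES = [
    {"package": "examplelib", "fixed_in": "2.4.1", "id": "EXAMPLE-ADV-0001"},
    {"package": "demo-parser", "fixed_in": "1.10.0", "id": "EXAMPLE-ADV-0002"},
]

# Constructed manifest in requirements.txt style.
MANIFEST = """\
# constructed sample
examplelib==2.3.9
demo_parser==1.9.12
safe-utils==0.5.0
loosepkg>=1.0
"""

PIN = re.compile(r"^([A-Za-z0-9._-]+)==([0-9]+(?:\.[0-9]+)*)$")

def normalize(name):
    # Treat '-', '_' and '.' as equivalent and ignore case, so spelling variants match.
    return re.sub(r"[-_.]+", "-", name).lower()

def version_key(v):
    # Compare numerically (1.9.12 < 1.10.0); drop trailing zeros so 2.4 == 2.4.0.
    parts = [int(p) for p in v.split(".")]
    while parts and parts[-1] == 0:
        parts.pop()
    return tuple(parts)

def parse_manifest(text):
    pinned, unpinned = {}, []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        m = PIN.match(line)
        if m:
            pinned[normalize(m.group(1))] = m.group(2)
        elif line:
            unpinned.append(line)  # no exact version, so it cannot be checked
    return pinned, unpinned

def audit(text, advisories):
    pinned, unpinned = parse_manifest(text)
    findings = []
    for adv in advisories:
        installed = pinned.get(normalize(adv["package"]))
        if installed and version_key(installed) < version_key(adv["fixed_in"]):
            findings.append((adv["id"], adv["package"], installed, adv["fixed_in"]))
    return findings, unpinned
```

Unpinned entries are returned separately because a dependency without an exact version cannot be matched against an advisory and needs to be resolved from a lock file first.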