Security Test: Frontend Vulnerable Package
Description
Default Severity:
This vulnerability arises from using programs or libraries with known issues that have not been fixed. It occurs when software is outdated or unpatched, and it can let attackers exploit weak spots in your system, potentially accessing sensitive data or even taking control of machines. Developers need to track third-party packages and update them regularly to avoid these security gaps. Common causes are relying on legacy code and quickly integrating external packages without checking for recent security patches, either of which can leave systems exposed to severe risks if not addressed.
Configuration
Identifier:
frontend_information_disclosure/potential_cve
Examples
All configuration available:
Compliance and Standards
| Standard | Value |
|---|---|
| OWASP API Top 10 | API8:2023 |
| OWASP LLM Top 10 | LLM05:2023 |
| PCI DSS | 6.2 |
| GDPR | Article-32 |
| SOC2 | CC6 |
| PSD2 | Article-95 |
| ISO 27001 | A.12.6 |
| NIST | SP800-40 |
| FedRAMP | SI-2 |
| CWE | 119 |
| CVSS Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C |
| CVSS Score | 7.2 |