How to Remediate Known Vulnerabilities

By ADMIN Team

Fixing vulnerabilities can involve more than patching.

Once you become aware of a vulnerability in a third-party component of your code, you naturally want to get rid of it, says Leo Zhang.

How do you do that? If a fix is available, Zhang explains, there are generally two approaches you can take:

You can patch the component in-place.
You can upgrade to a component version that does not have the vulnerability, by either:
- Pinning the vulnerable component to a fixed version.
- Doing iterated component upgrades until the vulnerable component has been removed from your dependency installation plan.

This article looks at the pros and cons of these tactics, along with related considerations.

Learn more at FOSSA.

08/28/2023

patching , Security , vulnerabilities

Related content

New Apache Struts Flaw Found

more »
Vulnerability assessment best practices for enterprises
A vulnerability assessment is an important step toward protecting an organization's critical IT assets.

more »
Intel Releases Spectre Patches for Skylake

more »
CISA Warns of Widespread Exploitation of Known Confluence Vulnerability

more »
Multiple Vulnerabilities Found in FreeRTOS

more »

comments powered by Disqus

Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs

Most Popular

Support Our Work

ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.

Learn More”>
</a>

<hr>
</div>
</div>

<div class=