Question 18
Domain 3: Infrastructure, Network, and Workload Security
Which threat is of GREATEST concern when using third-party libraries and dependencies in cloud applications?
Correct answer: A
Explanation
Known vulnerabilities in outdated or unpatched dependencies are the greatest concern because third-party libraries can introduce exploitable flaws into cloud applications. Security guidance emphasizes that dependency risk comes from software with “known vulnerabilities” that remain unpatched, allowing attackers to exploit the application through its supply chain.
Why each option is right or wrong
A. Known vulnerabilities in outdated or unpatched dependencies
OWASP’s Software Assurance guidance treats vulnerable third-party components as a primary supply-chain risk: if a library has a published CVE and remains unpatched, the application inherits that flaw and can be compromised through a known exploit path. In cloud deployments, this is especially severe because dependencies are often pulled in transitively and at scale, so an outdated package with an identified vulnerability presents a direct, actionable attack surface rather than a hypothetical weakness.
B. The libraries being too fast
C. Libraries consuming too much documentation
D. Libraries providing too much functionality