CDPSE · Question #337
A bug has been identified in a third-party video library that could expose sensitive user data. Which of the following is the BEST recommendation to address this issue?
The correct answer is C. Patch the vulnerability before using the library.. Patching the vulnerability directly eliminates the root cause of the risk. A known bug in a third-party library means the software itself is flawed; the only proper fix is to apply the vendor's patch or update to a fixed version. Antivirus scans (A) detect malware, not code-level
Question
A bug has been identified in a third-party video library that could expose sensitive user data. Which of the following is the BEST recommendation to address this issue?
Options
- APerform a full antivirus scan before using the library.
- BSanitize any sensitive data in the library.
- CPatch the vulnerability before using the library.
- DRequire authentication to access the library.
How the community answered
(30 responses)- A3% (1)
- B17% (5)
- C73% (22)
- D7% (2)
Explanation
Patching the vulnerability directly eliminates the root cause of the risk. A known bug in a third-party library means the software itself is flawed; the only proper fix is to apply the vendor's patch or update to a fixed version. Antivirus scans (A) detect malware, not code-level vulnerabilities. Sanitizing data in the library (B) is impractical and doesn't fix the underlying flaw. Requiring authentication (D) controls access but doesn't fix the vulnerability - an authenticated user could still trigger the bug and expose data.
Topics
Community Discussion
No community discussion yet for this question.