CWE-477: Use of Obsolete Function
CWE版本: 4.18
更新日期: 2025-09-09
弱点描述
The code uses deprecated or obsolete functions, which suggests that the code has not been actively reviewed or maintained.
常见后果
影响范围: Other
技术影响: Quality Degradation
潜在缓解措施
阶段: Implementation
描述: Refer to the documentation for the obsolete function in order to determine why it is deprecated or obsolete and to learn about alternative ways to achieve the same functionality.
阶段: Requirements
描述: Consider seriously the security implications of using an obsolete function. Consider using alternate functions.
检测方法
方法: Automated Static Analysis - Binary or Bytecode
有效性: High
方法: Manual Static Analysis - Binary or Bytecode
有效性: SOAR Partial
方法: Dynamic Analysis with Manual Results Interpretation
有效性: High
方法: Manual Static Analysis - Source Code
有效性: High
方法: Automated Static Analysis - Source Code
有效性: High
方法: Automated Static Analysis
有效性: High
方法: Architecture or Design Review
有效性: High
引入模式
| 阶段 | 说明 |
|---|---|
| Implementation | - |
适用平台
编程语言
分类映射
| 分类名称 | 条目ID | 条目名称 | 映射适配度 |
|---|---|---|---|
| 7 Pernicious Kingdoms | - | Obsolete | - |
| Software Fault Patterns | SFP3 | Use of an improper API | - |
| SEI CERT Perl Coding Standard | DCL30-PL | Do not import deprecated modules | CWE More Specific |
| SEI CERT Perl Coding Standard | EXP30-PL | Do not use deprecated or obsolete functions or modules | CWE More Specific |