Any change with respect to whitespace is ignored. "Minor"
changes are text changes that only affect capitalization and
punctuation. Most other changes are marked as "Major."
Simple schema changes are treated as Minor, such as the change from
AffectedResource to Affected_Resource in Draft 8, or the relationship
name change from "IsRequiredBy" to "RequiredBy" in
Version 1.0. For each mutual relationship between nodes A and B (such
as ParentOf and ChildOf), a relationship change is noted for both A
and B.
The "Version 4.20 Total" lists the total number of relationships
in Version 4.20. The "Shared" value is the number of relationships
in entries that exist in both Version 4.20 and Version 4.19.1. The
"New" value is the number of relationships involving entries that
did not exist in Version 4.19.1. The Version 4.20 total is therefore
the sum of the Shared and New counts.
A node change is labeled "important" if it is a major field change and
the field is critical to the meaning of the node. The critical fields
are description, name, and relationships.
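The classification rules above, as an added worked example that is not part of the CWE diff report and not code from the CWE project: a small Python module that applies them to two versions of a node's text fields and to a set of relationship triples. The field values, the node IDs A to C and the sample relationships are constructed for illustration; the MUTUAL set lists only the relationship pairs the report itself names (ChildOf/ParentOf and Requires/RequiredBy), and treating "any change with respect to whitespace is ignored" as "drop all whitespace before comparing" is this example's interpretation of the rule.

```python
"""Apply the change-classification rules of the CWE version diff report.

Rules implemented (from the report text):
  * whitespace-only differences are ignored,
  * differences limited to capitalization and punctuation are Minor,
  * everything else is Major,
  * a Major change to Description, Name or Relationships is "important",
  * a changed mutual relationship (ChildOf/ParentOf, Requires/RequiredBy)
    is noted as a Relationships change for both endpoints.

Added example; not code from the CWE project. All sample data is constructed.
"""
import re
import string
from typing import Optional

CRITICAL_FIELDS = {"Description", "Name", "Relationships"}

# Mutual relationship types named in the report. CWE defines further mutual
# pairs; extend this set if you need them (assumption, not from the report).
MUTUAL = {"ChildOf", "ParentOf", "Requires", "RequiredBy"}

_WS = re.compile(r"\s+")
_DROP_PUNCT = str.maketrans("", "", string.punctuation)


def whitespace_key(text: str) -> str:
    """Interpretation of 'any change with respect to whitespace is ignored':
    drop all whitespace before comparing."""
    return _WS.sub("", text)


def minor_key(text: str) -> str:
    """Additionally drop punctuation and case, the only differences a
    Minor change may introduce."""
    return whitespace_key(text.translate(_DROP_PUNCT)).casefold()


def classify_change(old: str, new: str) -> Optional[str]:
    """Return None (no change), 'Minor' or 'Major' for one text field."""
    if whitespace_key(old) == whitespace_key(new):
        return None
    if minor_key(old) == minor_key(new):
        return "Minor"
    return "Major"


def classify_node(old_fields: dict, new_fields: dict) -> dict:
    """Classify every text field of a node and flag important changes.
    A field missing on one side counts as empty text, so adding or
    removing a non-empty field is a Major change."""
    major, minor = [], []
    for field in sorted(set(old_fields) | set(new_fields)):
        kind = classify_change(old_fields.get(field, ""), new_fields.get(field, ""))
        if kind == "Major":
            major.append(field)
        elif kind == "Minor":
            minor.append(field)
    important = any(f in CRITICAL_FIELDS for f in major)
    return {"Major": major, "Minor": minor, "Important": important}


def nodes_with_relationship_changes(old_rels: set, new_rels: set) -> set:
    """Relationships are (node, type, target) triples. Each added or removed
    triple is a Relationships change for `node`; for a mutual type the
    counterpart `target` gets the change noted as well (both A and B)."""
    changed = set()
    for node, rtype, target in old_rels ^ new_rels:
        changed.add(node)
        if rtype in MUTUAL:
            changed.add(target)
    return changed


# Constructed sample: a hypothetical node as it appears in two versions.
SAMPLE_OLD = {
    "Name": "Unchecked Widget Input",
    "Description": "The widget does not check its input.",
    "Potential_Mitigations": "Check all widget input",
}
SAMPLE_NEW = {
    "Name": "Unchecked widget input",
    "Description": "The widget receives input but does not check it correctly.",
    "Potential_Mitigations": "Check all widget input.",
}
SAMPLE_OLD_RELS = {("A", "ChildOf", "B")}
SAMPLE_NEW_RELS = {("A", "ChildOf", "B"), ("A", "ChildOf", "C")}


def demo() -> dict:
    """Run the classifier over the constructed sample."""
    result = classify_node(SAMPLE_OLD, SAMPLE_NEW)
    result["Relationship_nodes"] = nodes_with_relationship_changes(
        SAMPLE_OLD_RELS, SAMPLE_NEW_RELS)
    return result


if __name__ == "__main__":
    print(demo())
```

On the sample, the Name and Potential_Mitigations edits come out Minor (case and a trailing period only), the Description rewrite is Major, and because Description is a critical field the node is flagged important; the new ChildOf edge from A to C is recorded as a relationship change for both A and C.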
| ID | Name | Major changes | Minor changes |
|---|---|---|---|
| 16 | Configuration | Mapping_Notes | None |
| 20 | Improper Input Validation | Applicable_Platforms, Mapping_Notes | None |
| 22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | Alternate_Terms, Applicable_Platforms, Demonstrative_Examples, Relationships | None |
| 23 | Relative Path Traversal | Applicable_Platforms | None |
| 26 | Path Traversal: '/dir/../filename' | Observed_Examples | None |
| 36 | Absolute Path Traversal | Applicable_Platforms | None |
| 44 | Path Equivalence: 'file.name' (Internal Dot) | Observed_Examples | None |
| 74 | Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') | Mapping_Notes | None |
| 75 | Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) | Mapping_Notes | None |
| 77 | Improper Neutralization of Special Elements used in a Command ('Command Injection') | Relationships | None |
| 78 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') | Applicable_Platforms, Relationships | None |
| 79 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | Relationships | Potential_Mitigations |
| 80 | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) | None | Potential_Mitigations |
| 81 | Improper Neutralization of Script in an Error Message Web Page | None | Potential_Mitigations |
| 82 | Improper Neutralization of Script in Attributes of IMG Tags in a Web Page | None | Potential_Mitigations |
| 83 | Improper Neutralization of Script in Attributes in a Web Page | None | Potential_Mitigations |
| 84 | Improper Neutralization of Encoded URI Schemes in a Web Page | None | Potential_Mitigations |
| 85 | Doubled Character XSS Manipulations | None | Potential_Mitigations |
| 86 | Improper Neutralization of Invalid Characters in Identifiers in Web Pages | None | Potential_Mitigations |
| 87 | Improper Neutralization of Alternate XSS Syntax | None | Potential_Mitigations |
| 88 | Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') | Potential_Mitigations | None |
| 91 | XML Injection (aka Blind XPath Injection) | Mapping_Notes | None |
| 94 | Improper Control of Generation of Code ('Code Injection') | Potential_Mitigations, Relationships | None |
| 95 | Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') | Applicable_Platforms, Potential_Mitigations, Relationships | None |
| 116 | Improper Encoding or Escaping of Output | Relationships | None |
| 119 | Improper Restriction of Operations within the Bounds of a Memory Buffer | Mapping_Notes, Observed_Examples | None |
| 150 | Improper Neutralization of Escape, Meta, or Control Sequences | Alternate_Terms, Applicable_Platforms, Common_Consequences, Demonstrative_Examples, Description, Modes_of_Introduction, Observed_Examples, Potential_Mitigations, References, Research_Gaps, Time_of_Introduction | None |
| 185 | Incorrect Regular Expression | Potential_Mitigations | None |
| 186 | Overly Restrictive Regular Expression | Potential_Mitigations | None |
| 200 | Exposure of Sensitive Information to an Unauthorized Actor | Maintenance_Notes, Mapping_Notes | None |
| 201 | Insertion of Sensitive Information Into Sent Data | Observed_Examples | None |
| 203 | Observable Discrepancy | Background_Details, Common_Consequences, Description, Diagram | None |
| 212 | Improper Removal of Sensitive Information Before Storage or Transfer | Observed_Examples | None |
| 214 | Invocation of Process Using Visible Sensitive Information | Observed_Examples | None |
| 242 | Use of Inherently Dangerous Function | Potential_Mitigations, References | None |
| 250 | Execution with Unnecessary Privileges | Alternate_Terms, Applicable_Platforms, Modes_of_Introduction, References, Relationships | None |
| 261 | Weak Encoding for Password | Observed_Examples | None |
| 269 | Improper Privilege Management | Mapping_Notes | None |
| 284 | Improper Access Control | Mapping_Notes | None |
| 285 | Improper Authorization | Mapping_Notes, Observed_Examples | None |
| 287 | Improper Authentication | Mapping_Notes | None |
| 295 | Improper Certificate Validation | Observed_Examples | None |
| 296 | Improper Following of a Certificate's Chain of Trust | Background_Details, Description, Diagram | None |
| 297 | Improper Validation of Certificate with Host Mismatch | Common_Consequences, Description, Diagram, Modes_of_Introduction | None |
| 298 | Improper Validation of Certificate Expiration | Common_Consequences, Description, Diagram, Observed_Examples | None |
| 301 | Reflection Attack in an Authentication Protocol | Observed_Examples | None |
| 311 | Missing Encryption of Sensitive Data | Mapping_Notes | None |
| 316 | Cleartext Storage of Sensitive Information in Memory | Observed_Examples | None |
| 323 | Reusing a Nonce, Key Pair in Encryption | Observed_Examples | None |
| 330 | Use of Insufficiently Random Values | Potential_Mitigations | None |
| 353 | Missing Support for Integrity Check | Observed_Examples | None |
| 354 | Improper Validation of Integrity Check Value | Observed_Examples | None |
| 362 | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') | Observed_Examples | None |
| 379 | Creation of Temporary File in Directory with Insecure Permissions | Observed_Examples | None |
| 392 | Missing Report of Error Condition | Observed_Examples | None |
| 400 | Uncontrolled Resource Consumption | Applicable_Platforms, Maintenance_Notes, Mapping_Notes, Other_Notes | None |
| 401 | Missing Release of Memory after Effective Lifetime | Alternate_Terms, Detection_Factors, Potential_Mitigations, References | None |
| 416 | Use After Free | Common_Consequences, Observed_Examples | None |
| 425 | Direct Request ('Forced Browsing') | Description, Diagram, Modes_of_Introduction, Observed_Examples | None |
| 427 | Uncontrolled Search Path Element | References | None |
| 434 | Unrestricted Upload of File with Dangerous Type | Applicable_Platforms, Relationships | None |
| 437 | Incomplete Model of Endpoint Features | Observed_Examples | None |
| 451 | User Interface (UI) Misrepresentation of Critical Information | Observed_Examples | None |
| 481 | Assigning instead of Comparing | Detection_Factors, Potential_Mitigations | Demonstrative_Examples |
| 482 | Comparing instead of Assigning | Detection_Factors | None |
| 489 | Active Debug Code | Observed_Examples | None |
| 502 | Deserialization of Untrusted Data | Alternate_Terms, Relationships | None |
| 506 | Embedded Malicious Code | Potential_Mitigations | None |
| 524 | Use of Cache Containing Sensitive Information | Observed_Examples | None |
| 525 | Use of Web Browser Cache Containing Sensitive Information | Observed_Examples, Potential_Mitigations | None |
| 528 | Exposure of Core Dump File to an Unauthorized Control Sphere | Observed_Examples | None |
| 530 | Exposure of Backup File to an Unauthorized Control Sphere | Observed_Examples | None |
| 548 | Exposure of Information Through Directory Listing | Observed_Examples | None |
| 549 | Missing Password Field Masking | Observed_Examples | None |
| 561 | Dead Code | Potential_Mitigations | None |
| 562 | Return of Stack Variable Address | Potential_Mitigations | None |
| 568 | finalize() Method Without super.finalize() | Potential_Mitigations | None |
| 570 | Expression is Always False | Potential_Mitigations | None |
| 571 | Expression is Always True | Potential_Mitigations | None |
| 586 | Explicit Call to Finalize() | Potential_Mitigations | None |
| 590 | Free of Memory not on the Heap | Detection_Factors, Observed_Examples, Potential_Mitigations | None |
| 591 | Sensitive Data Storage in Improperly Locked Memory | Observed_Examples | None |
| 598 | Use of HTTP Request With Sensitive Query String | Background_Details, Description, Name, Observed_Examples, Potential_Mitigations | None |
| 599 | Missing Validation of OpenSSL Certificate | Common_Consequences, Description, Diagram | None |
| 606 | Unchecked Input for Loop Condition | Observed_Examples | None |
| 613 | Insufficient Session Expiration | Maintenance_Notes, Mapping_Notes, Observed_Examples, References | None |
| 620 | Unverified Password Change | Observed_Examples | None |
| 621 | Variable Extraction Error | Potential_Mitigations | None |
| 639 | Authorization Bypass Through User-Controlled Key | Alternate_Terms, Maintenance_Notes, References | None |
| 640 | Weak Password Recovery Mechanism for Forgotten Password | Observed_Examples | None |
| 642 | External Control of Critical State Data | Detection_Factors, Potential_Mitigations | None |
| 662 | Improper Synchronization | Maintenance_Notes, Research_Gaps | None |
| 665 | Improper Initialization | Potential_Mitigations | None |
| 668 | Exposure of Resource to Wrong Sphere | Mapping_Notes | None |
| 674 | Uncontrolled Recursion | Potential_Mitigations | None |
| 676 | Use of Potentially Dangerous Function | Potential_Mitigations, References | None |
| 682 | Incorrect Calculation | Detection_Factors, Observed_Examples, Potential_Mitigations | None |
| 693 | Protection Mechanism Failure | Mapping_Notes | None |
| 756 | Missing Custom Error Page | Observed_Examples | None |
| 761 | Free of Pointer not at Start of Buffer | Detection_Factors | None |
| 762 | Mismatched Memory Management Routines | Detection_Factors | None |
| 763 | Release of Invalid Pointer or Reference | Detection_Factors, Potential_Mitigations | None |
| 787 | Out-of-bounds Write | Mapping_Notes | None |
| 789 | Memory Allocation with Excessive Size Value | Observed_Examples | None |
| 835 | Loop with Unreachable Exit Condition ('Infinite Loop') | Observed_Examples | None |
| 840 | Business Logic Errors | Mapping_Notes | None |
| 862 | Missing Authorization | Applicable_Platforms, Observed_Examples, Relationships | None |
| 918 | Server-Side Request Forgery (SSRF) | Applicable_Platforms, Observed_Examples, References, Relationships | None |
| 925 | Improper Verification of Intent by Broadcast Receiver | Observed_Examples | None |
| 940 | Improper Verification of Source of a Communication Channel | Observed_Examples | None |
| 1004 | Sensitive Cookie Without 'HttpOnly' Flag | Background_Details, Description, Diagram | Potential_Mitigations |
| 1021 | Improper Restriction of Rendered UI Layers or Frames | Common_Consequences, Description, Diagram, Potential_Mitigations | None |
| 1023 | Incomplete Comparison with Missing Factors | Detection_Factors, Potential_Mitigations | None |
| 1024 | Comparison of Incompatible Types | Detection_Factors, Potential_Mitigations | None |
| 1025 | Comparison Using Wrong Factors | Detection_Factors, Potential_Mitigations | None |
| 1039 | Inadequate Detection or Handling of Adversarial Input Perturbations in Automated Recognition Mechanism | Observed_Examples, Relationships | None |
| 1069 | Empty Exception Block | Mapping_Notes | None |
| 1078 | Inappropriate Source Code Style or Formatting | Detection_Factors | None |
| 1088 | Synchronous Access of Remote Resource without Timeout | Observed_Examples | None |
| 1102 | Reliance on Machine-Dependent Data Representation | Observed_Examples | None |
| 1104 | Use of Unmaintained Third Party Components | Observed_Examples | None |
| 1177 | Use of Prohibited Code | Potential_Mitigations, References | None |
| 1268 | Policy Privileges are not Assigned Consistently Between Control and Data Agents | Demonstrative_Examples | None |
| 1275 | Sensitive Cookie with Improper SameSite Attribute | None | Potential_Mitigations |
| 1284 | Improper Validation of Specified Quantity in Input | Demonstrative_Examples, Observed_Examples | None |
| 1295 | Debug Messages Revealing Unnecessary Information | Observed_Examples | None |
| 1327 | Binding to an Unrestricted IP Address | Observed_Examples | None |
| 1329 | Reliance on Component That is Not Updateable | Observed_Examples | None |
| 1333 | Inefficient Regular Expression Complexity | Background_Details, Common_Consequences, Description, Diagram, Modes_of_Introduction | None |
| 1335 | Incorrect Bitwise Shift of Integer | Observed_Examples | None |
| 1336 | Improper Neutralization of Special Elements Used in a Template Engine | Relationships | None |
| 1357 | Reliance on Insufficiently Trustworthy Component | Relationships | None |
| 1386 | Insecure Operation on Windows Junction / Mount Point | Description | None |
| 1395 | Dependency on Vulnerable Third-Party Component | Description, Relationships | None |
| 1426 | Improper Validation of Generative AI Output | Relationships | None |
| 1427 | Improper Neutralization of Input Used for LLM Prompting | Relationships | None |
| 1434 | Insecure Setting of Generative AI/ML Model Inference Parameters | Relationships | None |