Any change with respect to whitespace is ignored. "Minor"
changes are text changes that only affect capitalization and
punctuation. Most other changes are marked as "Major."
Simple schema changes are treated as Minor, such as the change from
AffectedResource to Affected_Resource in Draft 8, or the relationship
name change from "IsRequiredBy" to "RequiredBy" in
Version 1.0. For each mutual relationship between nodes A and B (such
as ParentOf and ChildOf), a relationship change is noted for both A
and B.

The "Version 4.8 Total" lists the total number of relationships
in Version 4.8. The "Shared" value is the total number of
relationships in entries that were in both Version 4.8 and Version 4.7. The
"New" value is the total number of relationships involving
entries that did not exist in Version 4.7. Thus, the total number of
relationships in Version 4.8 would combine stats from Shared entries and
New entries.

A node change is labeled "important" if it is a major field change and
the field is critical to the meaning of the node. The critical fields
are description, name, and relationships.

| D | N | R | ID | Name |
|---|---|---|---|---|
| | | R | 20 | Improper Input Validation |
| | | R | 22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') |
| | | R | 59 | Improper Link Resolution Before File Access ('Link Following') |
| | | R | 77 | Improper Neutralization of Special Elements used in a Command ('Command Injection') |
| | | R | 78 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') |
| | | R | 79 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') |
| | | R | 89 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') |
| | | R | 94 | Improper Control of Generation of Code ('Code Injection') |
| D | N | R | 113 | Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') |
| | | R | 119 | Improper Restriction of Operations within the Bounds of a Memory Buffer |
| | | R | 125 | Out-of-bounds Read |
| | | R | 190 | Integer Overflow or Wraparound |
| | | R | 276 | Incorrect Default Permissions |
| | | R | 287 | Improper Authentication |
| | | R | 306 | Missing Authentication for Critical Function |
| | | R | 311 | Missing Encryption of Sensitive Data |
| | | R | 319 | Cleartext Transmission of Sensitive Information |
| | | R | 352 | Cross-Site Request Forgery (CSRF) |
| | | R | 362 | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') |
| | | R | 400 | Uncontrolled Resource Consumption |
| | | R | 416 | Use After Free |
| | | R | 434 | Unrestricted Upload of File with Dangerous Type |
| | | R | 436 | Interpretation Conflict |
| D | N | | 444 | Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') |
| | | R | 476 | NULL Pointer Dereference |
| | | R | 502 | Deserialization of Untrusted Data |
| | | R | 611 | Improper Restriction of XML External Entity Reference |
| | | R | 614 | Sensitive Cookie in HTTPS Session Without 'Secure' Attribute |
| | | R | 787 | Out-of-bounds Write |
| | | R | 798 | Use of Hard-coded Credentials |
| | | R | 862 | Missing Authorization |
| D | | R | 917 | Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') |
| | | R | 918 | Server-Side Request Forgery (SSRF) |
| | | R | 1194 | Hardware Design |
| | | R | 1247 | Improper Protection Against Voltage and Clock Glitches |
| | | R | 1248 | Semiconductor Defects in Hardware Logic with Security-Sensitive Implications |
| | | R | 1255 | Comparison Logic is Vulnerable to Power Side-Channel Attacks |
| | | R | 1261 | Improper Handling of Single Event Upsets |
| | | R | 1278 | Missing Protection Against Hardware Reverse Engineering Using Integrated Circuit (IC) Imaging Techniques |
| | | R | 1300 | Improper Protection of Physical Side Channels |
| | | R | 1319 | Improper Protection against Electromagnetic Fault Injection (EM-FI) |
| | | R | 1332 | Improper Handling of Faults that Lead to Instruction Skips |
| | | R | 1336 | Improper Neutralization of Special Elements Used in a Template Engine |
| | | R | 1351 | Improper Handling of Hardware Behavior in Exceptionally Cold Environments |
| D | N | R | 1384 | Improper Handling of Physical or Environmental Conditions |

| ID | Name | Major | Minor |
|---|---|---|---|
| 20 | Improper Input Validation | Observed_Examples, Relationships | None |
| 22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | Observed_Examples, Relationships | None |
| 23 | Relative Path Traversal | Observed_Examples | None |
| 59 | Improper Link Resolution Before File Access ('Link Following') | Relationships | None |
| 64 | Windows Shortcut Following (.LNK) | Observed_Examples | None |
| 74 | Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') | Observed_Examples | None |
| 77 | Improper Neutralization of Special Elements used in a Command ('Command Injection') | Observed_Examples, Relationships | None |
| 78 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') | Observed_Examples, Relationships | None |
| 79 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | Observed_Examples, Relationships | None |
| 89 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | Observed_Examples, Relationships | None |
| 94 | Improper Control of Generation of Code ('Code Injection') | Observed_Examples, Relationships | None |
| 95 | Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') | Observed_Examples | None |
| 113 | Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') | Alternate_Terms, Common_Consequences, Demonstrative_Examples, Description, Name, Observed_Examples, Potential_Mitigations, References, Relationships, Theoretical_Notes | None |
| 119 | Improper Restriction of Operations within the Bounds of a Memory Buffer | Observed_Examples, Relationships | None |
| 121 | Stack-based Buffer Overflow | Observed_Examples | None |
| 125 | Out-of-bounds Read | Observed_Examples, Relationships | None |
| 131 | Incorrect Calculation of Buffer Size | Observed_Examples | None |
| 190 | Integer Overflow or Wraparound | Observed_Examples, Relationships | None |
| 197 | Numeric Truncation Error | Observed_Examples | None |
| 276 | Incorrect Default Permissions | Relationships | None |
| 284 | Improper Access Control | Observed_Examples | None |
| 287 | Improper Authentication | Observed_Examples, Relationships | None |
| 306 | Missing Authentication for Critical Function | Observed_Examples, Relationships | None |
| 311 | Missing Encryption of Sensitive Data | Relationships | None |
| 319 | Cleartext Transmission of Sensitive Information | Relationships | None |
| 352 | Cross-Site Request Forgery (CSRF) | Relationships | None |
| 362 | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') | Observed_Examples, Relationships | None |
| 367 | Time-of-check Time-of-use (TOCTOU) Race Condition | Observed_Examples | None |
| 400 | Uncontrolled Resource Consumption | Observed_Examples, Relationships | None |
| 416 | Use After Free | Observed_Examples, Relationships | None |
| 434 | Unrestricted Upload of File with Dangerous Type | Relationships | None |
| 436 | Interpretation Conflict | Relationships | None |
| 444 | Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') | Alternate_Terms, Common_Consequences, Demonstrative_Examples, Description, Name, Observed_Examples, References, Taxonomy_Mappings | None |
| 476 | NULL Pointer Dereference | Relationships | None |
| 502 | Deserialization of Untrusted Data | Relationships | None |
| 611 | Improper Restriction of XML External Entity Reference | Relationships | None |
| 614 | Sensitive Cookie in HTTPS Session Without 'Secure' Attribute | Relationships | None |
| 625 | Permissive Regular Expression | Observed_Examples | None |
| 667 | Improper Locking | Observed_Examples | None |
| 697 | Incorrect Comparison | Observed_Examples | None |
| 787 | Out-of-bounds Write | Observed_Examples, Relationships | None |
| 798 | Use of Hard-coded Credentials | Relationships | None |
| 862 | Missing Authorization | Relationships | None |
| 917 | Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') | Description, Maintenance_Notes, Observed_Examples, Potential_Mitigations, References, Relationships | None |
| 918 | Server-Side Request Forgery (SSRF) | Observed_Examples, Relationships | None |
| 1059 | Insufficient Technical Documentation | None | References |
| 1194 | Hardware Design | Relationships | None |
| 1246 | Improper Write Handling in Limited-write Non-Volatile Memories | Applicable_Platforms | None |
| 1247 | Improper Protection Against Voltage and Clock Glitches | Applicable_Platforms, Relationships | None |
| 1248 | Semiconductor Defects in Hardware Logic with Security-Sensitive Implications | Relationships | None |
| 1250 | Improper Preservation of Consistency Between Independent Representations of Shared State | Applicable_Platforms | None |
| 1252 | CPU Hardware Not Configured to Support Exclusivity of Write and Execute Operations | Applicable_Platforms | None |
| 1255 | Comparison Logic is Vulnerable to Power Side-Channel Attacks | Relationships | None |
| 1256 | Improper Restriction of Software Interfaces to Hardware Features | Applicable_Platforms | None |
| 1257 | Improper Access Control Applied to Mirrored or Aliased Memory Regions | Applicable_Platforms | None |
| 1259 | Improper Restriction of Security Token Assignment | Applicable_Platforms | None |
| 1260 | Improper Handling of Overlap Between Protected Memory Ranges | Applicable_Platforms | None |
| 1261 | Improper Handling of Single Event Upsets | Relationships | None |
| 1278 | Missing Protection Against Hardware Reverse Engineering Using Integrated Circuit (IC) Imaging Techniques | Relationships | None |
| 1279 | Cryptographic Operations are run Before Supporting Units are Ready | Applicable_Platforms | None |
| 1280 | Access Control Check Implemented After Asset is Accessed | None | Demonstrative_Examples |
| 1290 | Incorrect Decoding of Security Identifiers | Applicable_Platforms | None |
| 1292 | Incorrect Conversion of Security Identifiers | Applicable_Platforms | None |
| 1294 | Insecure Security Identifier Mechanism | Applicable_Platforms | None |
| 1296 | Incorrect Chaining or Granularity of Debug Components | Applicable_Platforms | None |
| 1297 | Unprotected Confidential Information on Device is Accessible by OSAT Vendors | Applicable_Platforms | None |
| 1299 | Missing Protection Mechanism for Alternate Hardware Interface | Applicable_Platforms | None |
| 1300 | Improper Protection of Physical Side Channels | Relationships | None |
| 1314 | Missing Write Protection for Parametric Data Values | Applicable_Platforms | None |
| 1316 | Fabric-Address Map Allows Programming of Unwarranted Overlaps of Protected and Unprotected Ranges | Applicable_Platforms | None |
| 1317 | Missing Security Checks in Fabric Bridge | Applicable_Platforms | None |
| 1318 | Missing Support for Security Features in On-chip Fabrics or Buses | Applicable_Platforms | None |
| 1319 | Improper Protection against Electromagnetic Fault Injection (EM-FI) | Applicable_Platforms, Relationships | None |
| 1320 | Improper Protection for Out of Bounds Signal Level Alerts | Applicable_Platforms | None |
| 1324 | Sensitive Information Accessible by Physical Probing of JTAG Interface | Applicable_Platforms | None |
| 1326 | Missing Immutable Root of Trust in Hardware | Applicable_Platforms, Modes_of_Introduction | Demonstrative_Examples, Description |
| 1328 | Security Version Number Mutable to Older Versions | Applicable_Platforms | None |
| 1330 | Remanent Data Readable after Memory Erase | Applicable_Platforms | None |
| 1331 | Improper Isolation of Shared Resources in Network On Chip (NoC) | Applicable_Platforms | Common_Consequences |
| 1332 | Improper Handling of Faults that Lead to Instruction Skips | Relationships | Potential_Mitigations |
| 1336 | Improper Neutralization of Special Elements Used in a Template Engine | Maintenance_Notes, Relationships | None |
| 1338 | Improper Protections Against Hardware Overheating | Applicable_Platforms | Description |
| 1351 | Improper Handling of Hardware Behavior in Exceptionally Cold Environments | Relationships | None |
| 1384 | Improper Handling of Physical or Environmental Conditions | Description, Name, Potential_Mitigations, Relationships, Type | Modes_of_Introduction |