CWE-928: OWASP Top Ten 2013 Graph Connections

The nodes in this graph represent CWE elements that are connected to the OWASP Top Ten list, which was published in 2013. However, it is important to note that this graph is now considered outdated, as a more recent version of the OWASP Top Ten is currently accessible.

The graph displayed illustrates the hierarchical connections between weaknesses at different levels of abstraction. The highest level consists of categories and pillars, which serve as groupings for weaknesses. Categories, although not technically weaknesses themselves, are specific entries designed to group together weaknesses sharing a common characteristic. On the other hand, pillars are weaknesses described in a highly abstract manner. Below these top-level entities are weaknesses categorized at various levels of abstraction. Classes are still quite abstract, usually unrelated to any particular programming language or technology. Base level weaknesses, on the other hand, address more specific types of weaknesses. Variants are weaknesses with very specific details, often limited to a particular programming language or technology. A chain refers to a sequence of weaknesses that must be exploited consecutively to create a vulnerability. Conversely, a composite is a collection of weaknesses that must all be present simultaneously to create an exploitable vulnerability.