What is A03 (OWASP A03:2025 — Software & Data Supply Chain Failures)?
OWASP Top 10 (2025) item #3. It replaces the 2021 'Vulnerable and Outdated Components' category (A06:2021) with a broader software-and-data supply chain framing. It was the highest community-vote category in the 2025 survey (50% of respondents ranked it #1) and had the highest measured incidence rate (5.19%) in OWASP's contributed test data.
Full explanation
A03:2025 covers the full software supply chain: OSS dependencies, build pipeline integrity, package registries, training-data provenance, model weights, and third-party APIs. The 2025 elevation reflects the post-XZ / post-SolarWinds / post-slopsquatting reality (slopsquatting: registering the package names that LLM coding assistants hallucinate, so the next developer who accepts the suggestion installs the attacker's package), in which one compromised upstream component is among the cheapest ways to reach many victims at once. Defenses cluster into: SBOM + AIBOM emission (a machine-readable inventory of what actually shipped), SLSA-grade build provenance (a signed statement of which builder produced an artifact from which source), signed releases (Sigstore / DSSE), dependency-vulnerability scanning, slopsquatting heuristics (package age, download counts, near-miss names), and trusted-mirror / allow-list registries for production. The controls cover different windows: a vulnerability scan only fires once an advisory exists, whereas provenance, signatures and an allow-listed mirror block an unreviewed upstream change before anyone has classified it.
Example
A startup ships an internal tool whose package.json pulls in a transitive dependency whose maintainer account was taken over 60 days ago and used to publish a malicious release. Without dependency review or SBOM provenance, the malware ships to production. Defense: dependency-vulnerability scan on every PR, SBOM emission, and a private registry mirror that only serves reviewed package versions, with the lockfile pinned to that mirror so a version that exists only upstream cannot be resolved.
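The CI gate that the defence list above and this example call for, as an added illustration rather than code from the OWASP page: it walks a package-lock.json (lockfileVersion 3), rejects anything not resolved from the approved private mirror or lacking an integrity hash, checks each package against an advisory feed, and applies two slopsquatting / takeover heuristics (very new package with almost no downloads; maintainer change inside the last 90 days). The mirror URL, advisory feed, registry metadata and lockfile are all constructed for the example; a real gate would fetch the last three from OSV or the GitHub Advisory Database and from the registry API.

```javascript
'use strict';
// Added example (not from the OWASP page): a CI lockfile gate for package-lock.json v3.
// Every input below is constructed: the private mirror URL, the advisory feed, the
// registry metadata and the lockfile. A real gate would fetch the last three.

const APPROVED_REGISTRY = 'https://npm.mirror.example.internal/'; // hypothetical mirror
const NEW_PACKAGE_AGE_DAYS = 90;    // younger than this AND low downloads => suspicious
const MIN_WEEKLY_DOWNLOADS = 1000;
const MAINTAINER_CHANGE_DAYS = 90;  // ownership change inside this window => manual review

// Constructed advisory feed keyed by package name (stand-in for OSV / GHSA lookups).
const ADVISORIES = {
  'left-pad-utils': [{ id: 'HYPOTHETICAL-2025-0001', versions: ['1.4.2'],
                       summary: 'malicious release after maintainer account takeover' }],
};

// Constructed registry metadata (stand-in for registry API responses).
const REGISTRY_META = {
  'express':            { firstPublished: '2010-05-22', weeklyDownloads: 30000000, maintainerChangedDaysAgo: null },
  'left-pad-utils':     { firstPublished: '2019-02-01', weeklyDownloads: 120000,   maintainerChangedDaysAgo: 60 },
  'expres-json-parser': { firstPublished: '2025-09-30', weeklyDownloads: 40,       maintainerChangedDaysAgo: null },
};

// Constructed package-lock.json (lockfileVersion 3), already parsed. The integrity
// values are placeholders; only their presence is checked by this gate.
const LOCKFILE = {
  name: 'internal-tool', lockfileVersion: 3,
  packages: {
    '': { dependencies: { express: '^4.19.0', 'expres-json-parser': '^0.1.0' } },
    'node_modules/express': {
      version: '4.19.2',
      resolved: 'https://npm.mirror.example.internal/express/-/express-4.19.2.tgz',
      integrity: 'sha512-PLACEHOLDER' },
    'node_modules/express/node_modules/left-pad-utils': { // transitive dep, fetched straight from upstream
      version: '1.4.2',
      resolved: 'https://registry.npmjs.org/left-pad-utils/-/left-pad-utils-1.4.2.tgz',
      integrity: 'sha512-PLACEHOLDER' },
    'node_modules/expres-json-parser': {                  // LLM-suggested name, 46 days old
      version: '0.1.3',
      resolved: 'https://npm.mirror.example.internal/expres-json-parser/-/expres-json-parser-0.1.3.tgz' },
  },
};

// Lockfile v3 keys are install paths; the package name is whatever follows the last "node_modules/".
function packageName(installPath) {
  const i = installPath.lastIndexOf('node_modules/');
  return i === -1 ? installPath : installPath.slice(i + 'node_modules/'.length);
}

// Returns a list of {pkg, version, rule, detail} findings; an empty list means nothing to report.
function auditLockfile(lockfile, { approvedRegistry, advisories, meta, now }) {
  const findings = [];
  const add = (pkg, version, rule, detail) => findings.push({ pkg, version, rule, detail });
  for (const [path, entry] of Object.entries(lockfile.packages)) {
    if (path === '' || entry.link) continue; // root project and workspace symlinks
    const pkg = packageName(path);
    const version = entry.version;
    if (!entry.resolved || !entry.resolved.startsWith(approvedRegistry))
      add(pkg, version, 'unapproved-registry', entry.resolved || '(no resolved URL)');
    if (!entry.integrity)
      add(pkg, version, 'missing-integrity', 'no SRI hash, tarball cannot be verified at install time');
    for (const adv of advisories[pkg] || [])
      if (adv.versions.includes(version)) add(pkg, version, 'known-vulnerable', `${adv.id}: ${adv.summary}`);
    const m = meta[pkg];
    if (!m) { add(pkg, version, 'suspicious-new-package', 'no registry metadata available'); continue; }
    const ageDays = (now - Date.parse(m.firstPublished)) / 86400000;
    if (ageDays < NEW_PACKAGE_AGE_DAYS && m.weeklyDownloads < MIN_WEEKLY_DOWNLOADS)
      add(pkg, version, 'suspicious-new-package', `${Math.floor(ageDays)} days old, ${m.weeklyDownloads} weekly downloads`);
    if (m.maintainerChangedDaysAgo !== null && m.maintainerChangedDaysAgo <= MAINTAINER_CHANGE_DAYS)
      add(pkg, version, 'recent-maintainer-change', `${m.maintainerChangedDaysAgo} days ago, manual review required`);
  }
  return findings;
}

// Heuristic findings are surfaced for review; these three rules block the merge outright.
const BLOCKING_RULES = new Set(['unapproved-registry', 'known-vulnerable', 'missing-integrity']);
function gatePasses(findings) { return !findings.some(f => BLOCKING_RULES.has(f.rule)); }

function runGate() {
  const findings = auditLockfile(LOCKFILE, {
    approvedRegistry: APPROVED_REGISTRY, advisories: ADVISORIES, meta: REGISTRY_META,
    now: Date.parse('2025-11-15T00:00:00Z'), // pinned so the example is reproducible
  });
  return { findings, passed: gatePasses(findings) };
}

const RESULT = runGate();
for (const f of RESULT.findings) console.log(`${f.rule.padEnd(26)} ${f.pkg}@${f.version}: ${f.detail}`);
console.log(RESULT.passed ? 'GATE PASSED' : 'GATE FAILED: blocking findings present');
```

On the constructed input the gate fails: the transitive left-pad-utils is resolved from the public registry, matches the advisory, and changed hands 60 days ago, while the LLM-suggested expres-json-parser has no integrity hash and is a six-week-old package with 40 weekly downloads. The advisory match is the only one of these a plain vulnerability scanner would have produced, and only after someone published the advisory; the registry and age checks are what catch the package in the window before that.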
FAQ
How is this different from the 2021 A06?
The 2021 A06 was 'Vulnerable and Outdated Components' — a narrower scope focused on dependency-version hygiene. The 2025 A03 widened to cover the full pipeline including build integrity, training-data provenance, and package-registry attacks.
Where does AI/LLM supply chain fit?
AI-specific concerns (model weights, training data, fine-tune adapters) are explicit additions in 2025. An AIBOM (also called an ML-BOM) in CycloneDX format, currently spec version 1.6, is the recommended machine-readable artifact: it lists models and datasets as components with hashes, next to the ordinary software dependencies, so a deployed model can be traced back to the exact weights and data it was built from.