CWE v2.2 – Common Weakness Enumeration Released
Common Weakness Enumeration. A community-Developed Dictionary of Software Weakness Types.
The Common Weakness Enumeration (CWE™) is a list of software weaknesses. Creating the list is a community initiative. Together, these organizations and any others that wish to join the effort, are creating specific and succinct definitions for each of the elements in the CWE List. By leveraging the widest possible group of interests and talents we hope to ensure that the CWE elements are adequately described and differentiated.
The main changes include:
(1) creation of 23 new entries for two new views: CWE cross-section and Software Fault Patterns;
(2) updates for demonstrative examples in 118 entries, and observed examples in 72 entries;
(3) improvements to common consequences in 85 entries, improving support of Common Weakness Scoring System (CWSS™) and Common Weakness Risk Analysis Framework (CWRAF™);
(4) Common Attack Pattern Enumeration and Classification (CAPEC™) updates for 78 entries;
(5) 95 taxonomy mapping modifications to reflect the various CERT secure coding standards;
(6) additional references for 192 entries. In all, 683 entries were modified.
There were no schema modifications for this version.
More Information: here