common weakness enumeration (CWE)

A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

Abbreviation(s) and Synonym(s):

CWE

CNSSI 4009-2015

NIST SP 800-115

NIST SP 800-137

NIST SP 800-150

NIST SP 800-161

NIST SP 800-163

NIST SP 800-163 Rev.1

NIST SP 800-53 Rev. 5

NISTIR 8011 Vol. 1

NISTIR 8011 Vol. 4

NISTIR 8246

Definition(s):

  A taxonomy for identifying the common sources of software flaws (e.g., buffer overflows, failure to check input data).
Source(s):
CNSSI 4009-2015 from NIST ITL Bulletin, Dec. 2013
NISTIR 8011 Vol. 4 from CNSSI 4009-2015

  A list of known poor coding practices that may be present in software [CWE].
Source(s):
NISTIR 8011 Vol. 4

  See also, weakness.
Source(s):
NISTIR 8011 Vol. 4

Glossary Comments

Comments about specific definitions should be sent to the authors of the linked Source publication. For NIST publications, an email is usually found within the document.

Comments about the glossary's presentation and functionality should be sent to secglossary@nist.gov.

See NISTIR 7298 Rev. 3 for additional details.

Information Technology Laboratory

Computer Security Resource Center

Computer Security Resource Center

common weakness enumeration (CWE)

Glossary Comments