Explore the hierarchical relationships between software weaknesses at different levels of abstraction. Learn how developers, customers, and educators can benefit from adhering to the Top 25 recommendations.
This view lists the CWE entries that make up the 2019 CWE Top 25 Most Dangerous Software Errors.
The graph shows the hierarchical relationships between weaknesses at different levels of abstraction. At the top sit categories and pillars, both of which group weaknesses. A category is not itself a weakness; it is a special kind of CWE (Common Weakness Enumeration) entry that collects weaknesses with similar characteristics. A pillar is a weakness, described in the most abstract terms. Beneath these top-level entries, weaknesses appear at progressively finer levels of abstraction. A class is still highly abstract and is usually independent of any particular programming language or technology. A base describes a more specific type of weakness. A variant describes a weakness in highly specific terms, often tied to a particular programming language or technology. Two further structures combine entries rather than refine them: a chain is a set of weaknesses that must be reachable in sequence for a vulnerability to be exploited, and a composite is a set of weaknesses that must all be present at the same time for a vulnerability to be exploited.
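The hierarchy described above can be walked mechanically from the CWE XML export, where each Weakness carries an Abstraction attribute and ChildOf relations point at the parent entry. The following added example (not code from the CWE project) parses a constructed fragment in that shape, follows the ChildOf links from a base weakness up to its pillar, and flags any relation whose parent is less abstract than its child; the CWE-707 / CWE-74 / CWE-79 path is real, the entry with ID 9999 is a deliberately inconsistent fake, and the namespace and most attributes of the real export are omitted.

```python
import xml.etree.ElementTree as ET

# Rank of each abstraction level, most abstract first (Pillar above Class above Base above Variant).
ABSTRACTION_RANK = {"Pillar": 0, "Class": 1, "Base": 2, "Variant": 3}

# Constructed sample in the shape of the CWE XML export (no namespace, attributes trimmed).
# CWE-707 -> CWE-74 -> CWE-79 is the real ChildOf path; ID 9999 is a fake entry that claims
# a Class is a child of a Base, so the consistency check below has something to report.
SAMPLE_XML = """<Weakness_Catalog><Weaknesses>
  <Weakness ID="707" Name="Improper Neutralization" Abstraction="Pillar"/>
  <Weakness ID="74" Name="Injection" Abstraction="Class">
    <Related_Weaknesses><Related_Weakness Nature="ChildOf" CWE_ID="707"/></Related_Weaknesses>
  </Weakness>
  <Weakness ID="79" Name="Cross-site Scripting" Abstraction="Base">
    <Related_Weaknesses><Related_Weakness Nature="ChildOf" CWE_ID="74"/></Related_Weaknesses>
  </Weakness>
  <Weakness ID="9999" Name="Constructed inconsistent entry" Abstraction="Class">
    <Related_Weaknesses><Related_Weakness Nature="ChildOf" CWE_ID="79"/></Related_Weaknesses>
  </Weakness>
</Weaknesses></Weakness_Catalog>"""


def load_weaknesses(xml_text):
    """Parse Weakness elements into {id: {"name", "abstraction", "parents"}}."""
    entries = {}
    for w in ET.fromstring(xml_text).iter("Weakness"):
        parents = [r.get("CWE_ID") for r in w.iter("Related_Weakness") if r.get("Nature") == "ChildOf"]
        entries[w.get("ID")] = {"name": w.get("Name"), "abstraction": w.get("Abstraction"), "parents": parents}
    return entries


def ancestry(entries, cwe_id):
    """Follow the first ChildOf link from an entry up to its pillar; returns [(id, abstraction), ...]."""
    chain, seen = [], set()
    while cwe_id in entries and cwe_id not in seen:
        seen.add(cwe_id)  # guards against a malformed cycle in the data
        chain.append((cwe_id, entries[cwe_id]["abstraction"]))
        parents = entries[cwe_id]["parents"]
        cwe_id = parents[0] if parents else None
    return chain


def inverted_relations(entries):
    """Return (child, parent) pairs where the parent is less abstract than the child."""
    bad = []
    for cid, entry in entries.items():
        for pid in entry["parents"]:
            if pid in entries and ABSTRACTION_RANK[entries[pid]["abstraction"]] > ABSTRACTION_RANK[entry["abstraction"]]:
                bad.append((cid, pid))
    return bad
```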