| abstraction |
CWE abstraction tier (e |
| affected_resources |
System resources that can be affected by exploiting this weakness |
| alternate_terms |
Other names by which this weakness is known |
| applicable_platforms |
Languages, OS, architectures, and technologies where this weakness can appear |
| architectures |
Processor architectures applicable to this weakness |
| audience |
Target stakeholder groups for this view or category |
| authors |
Authors of the referenced material |
| background_details |
Background information relevant but not describing the weakness itself |
| body_texts |
Interleaved body text paragraphs for a demonstrative example |
| categories |
CWE categories grouping weaknesses by a common characteristic |
| chain_id |
ID of a named chain for CanFollow/CanPrecede relationships |
| class_ |
Class or category of a platform (narrowed per class via slot_usage) |
| comment |
Explanatory comment (e |
| comments |
Further clarification for the mapping notes reader |
| common_consequences |
Individual consequences associated with this weakness |
| consequence_id |
Unique identifier for a common consequence (e |
| content |
Textual content of a note |
| content_history |
Tracks the original author and subsequent modifications |
| contribution_comment |
Comment related to the contribution |
| contribution_date |
Date of the contribution |
| contribution_name |
Name of the contributor |
| contribution_organization |
Organization of the contributor |
| contribution_release_date |
Release date of the CWE version containing the contribution |
| contribution_version |
CWE version in which the contribution first appeared |
| contributions |
Contribution records for this entry |
| cpe_id |
CPE identifier for a platform |
| cwe_id |
Numeric CWE ID (foreign key in relationships and members) |
| date |
Date associated with a catalog snapshot or a name-change event |
| demonstrative_example_id |
Unique identifier for a demonstrative example (e |
| demonstrative_examples |
Code examples illustrating how this weakness may appear |
| description |
Narrative description of the entity |
| detection_method_id |
Unique identifier for a detection method entry (e |
| detection_methods |
Methods that may be employed to detect this weakness |
| diagram |
Optional diagram filename or reference associated with the entry |
| edition |
Edition of the material being referenced |
| effectiveness |
Effectiveness level (range narrowed to DetectionEffectiveness or MitigationEf... |
| effectiveness_notes |
Strengths and shortcomings of this detection or mitigation |
| entry_id |
ID of the entry in the external taxonomy |
| entry_name |
Name of the entry in the external taxonomy |
| example_codes |
Structured code snippets within a demonstrative example |
| exploitation_factors |
Conditions that could increase the likelihood of exploit |
| extended_description |
Extended description providing additional details beyond the core concept |
| external_reference_id |
Identifier of the ExternalReference being linked to (e |
| external_references |
External references shared across CWE entries in this catalog |
| filter |
XSL query identifying members of an implicit slice view |
| functional_areas |
Functional areas in which this weakness is most likely to occur |
| has_member |
CWE entries that belong to this category or view |
| id |
Unique numeric identifier for the CWE entry, category, or view |
| impacts |
Technical impacts that arise if the weakness is exploited |
| intro_text |
Context and setting for the demonstrative example |
| language |
Programming language for a code example or platform context |
| languages |
Programming languages applicable to this weakness |
| likelihood |
Likelihood of this specific consequence |
| likelihood_of_exploit |
Qualitative likelihood that the weakness can be exploited |
| link |
URL providing more information about the observed example |
| mapping_fit |
How close the CWE entry is to the mapped taxonomy entry |
| mapping_notes |
Guidance for when and whether to map an issue to this entry |
| member_of |
Views or categories that this entry belongs to |
| members |
Member entries for a CWE view |
| method |
Detection method (range narrowed per class via slot_usage) |
| mitigation_id |
Unique identifier for a potential mitigation (e |
| modes_of_introduction |
Information about how and when this weakness may be introduced |
| modification_comment |
Comment describing what was changed |
| modification_date |
Date on which the modification was made |
| modification_importance |
Importance level of this modification |
| modification_name |
Name of the person who made the modification |
| modification_organization |
Organization of the modifier |
| modification_release_date |
Release date of the CWE version containing the modification |
| modification_version |
CWE version in which the modification first appeared |
| modifications |
Ordered list of modifications made to this entry |
| name |
Short human-readable name or title for this entity |
| nature |
Nature or kind qualifier for this entity (narrowed per class via slot_usage) |
| note |
Additional contextual note |
| notes |
Additional comments about this entry |
| objective |
Perspective from which a view has been constructed |
| observation_id |
Identifier for an NVD weakness observation row |
| observations |
Weakness observations from NVD vulnerability detail pages |
| observed_examples |
Real-world instances of this weakness |
| observed_in_cve |
CVE identifier where this weakness observation appears |
| operating_systems |
Operating systems applicable to this weakness |
| ordinal |
Set to "Primary" for the primary ChildOf relationship in the given view |
| ordinality |
Ordinality level (Primary, Resultant, or Indirect) |
| phase |
Lifecycle phase for introduction or mitigation |
| phases |
Lifecycle phases during which a mitigation may be applied |
| potential_mitigations |
Potential mitigations associated with this weakness |
| prevalence |
Regularity with which a weakness applies to this platform |
| previous_entry_names |
Previous names used for this entry before a substantive rename |
| publication |
Name of the magazine or journal |
| publication_day |
Day of publication in ---DD format |
| publication_month |
Month of publication in --MM format |
| publication_year |
Year of publication in YYYY format |
| publisher |
Publisher of the referenced material |
| rationale |
Context for the mapping usage designation |
| reasons |
Vocabulary summary of the mapping usage recommendation |
| reference |
Identifier for a real-world example (e |
| reference_id |
Globally unique identifier for an external reference (e |
| references |
Links to external references defined in the catalog |
| related_attack_patterns |
CAPEC identifiers of attack patterns associated with this weakness |
| related_weaknesses |
Typed relationships to other CWE entries |
| relationships |
Membership relationships for a CWE category |
| reported_by |
Source label for the weakness row (e |
| scopes |
Security properties violated by this consequence |
| section |
Section title or page number specific to this use of the reference |
| source |
Source or origin of the data |
| status |
Lifecycle status of the CWE entry, category, or view |
| strategy |
General protection strategy to which a mitigation contributes |
| structure |
Structural nature of the weakness (Simple, Chain, or Composite) |
| submission |
Initial submission information for this entry |
| submission_comment |
Optional comment related to the submission |
| submission_date |
Date on which this entry was submitted |
| submission_name |
Name of the person who submitted this entry |
| submission_organization |
Organization of the submitter |
| submission_release_date |
Release date of the CWE version that added this entry |
| submission_version |
CWE version in which this entry was first added |
| suggestions |
Suggested alternative CWE entries for mapping |
| summary |
Key points that define a category |
| tags |
Free-form tags for grouping and downstream filtering |
| taxonomy_mappings |
Mappings to equivalent entries in external taxonomies |
| taxonomy_name |
Name of the external taxonomy to which the mapping is made |
| technologies |
Technologies applicable to this weakness |
| term |
An alternate term by which this weakness may be known |
| title |
Descriptive title for a reference or catalog element |
| title_text |
Optional title for a demonstrative example |
| type |
Type discriminator (narrowed per class via slot_usage) |
| url |
URL pointing to the reference resource |
| url_date |
Date when the URL was last validated to exist |
| usage |
Whether this CWE entry is supported for mapping |
| version |
Version string of the catalog, entry, or submission |
| view_id |
View ID within which a relationship or membership is relevant |
| views |
CWE views providing different perspectives on the catalog |
| weakness |
Referenced CWE entry for this observation |
| weakness_ordinalities |
Potential ordering relationships of this weakness with others |
| weaknesses |
Canonical CWE weakness entries in this catalog snapshot |