Version 4.0 of CWE is scheduled to be released on Monday Feb 24. The
expansion into hardware weaknesses is a major aspect of this release. But a
refactored software view will also be part of this release. This new view
will reduce the number of relationships and simply the overall appearance
and structure of the view. Our hope is that these changes make the view
more useful to a wider audience. Weaknesses are grouped by terms (i.e.,
categories) familiar to software development, and each group is a single
flat list of the things to worry about (i.e., the base weaknesses). Don't
worry, the complex relationships linking weaknesses together will still be
present in the research view, which is structurally unchanged from Version
Attached is a PDF showing a draft version of the expanded categories and
weaknesses in the software view. Notice the flatter structure of this view
and the focus on base level weaknesses.
We are sending this around to give everyone a heads up regarding the change,
and also allow for a bit of feedback in advance of the official release.