A new minor release of CWE (version 3.3) is now posted on the website. CWE 3.3 has 1 new view, 1 updated view with 2 new entries, and 2 deprecated entries. In all, 238 entries had major changes to relationship, references, names, fields, and descriptions.
This version focused on the following:
Updating the CWE-1003: Weaknesses for Simplified Mapping of Published Vulnerabilities view, which may be used to categorize potential weaknesses within sources that handle public, third-party vulnerability information, such as the U.S. National Vulnerability Database (NVD); and adding 2 new weaknesses related to CWE-1003, CWE-1187: Use of Uninitialized Resource, which occurs when a resource has not been properly initialized and the software may behave unexpectedly, and CWE-1188: Insecure Default Initialization of Resource, which occurs when the software initializes or sets a resource with a default that is intended to be changed by the administrator, but the default is not secure.
Adding 1 new view, CWE-1178: Weaknesses Addressed by the SEI CERT Perl Coding Standard, which identifies weaknesses in Perl that may be fully or partially prevented by following the SEI CERT Perl Coding Standard