CWE-734: CERT C Secure Coding Standard Compliance

Learn how adhering to the CERT C Secure Coding Standard can eliminate or reduce vulnerabilities listed in this outdated graph.

Objective

Following the recommendations in the 2008 book "The CERT C Secure Coding Standard" completely or partially eliminates the weaknesses covered by the CWE entries listed in this graph. Note that this graph is outdated, since a more recent version of the coding standard is now available. It serves as a static representation of the coding rules from 2008.

Relationships

The graph illustrates the hierarchical relationships between weaknesses that exist at different levels of abstraction. At the highest level, weaknesses are grouped into categories and pillars. Categories are not technically weaknesses themselves; they are special entries in the CWE system that group weaknesses sharing a common characteristic. Pillars are weaknesses described in a highly abstract manner.

Below these top-level entries, weaknesses are organized at varying levels of abstraction. Classes are still quite abstract and are generally independent of any specific language or technology. Base-level weaknesses describe a more specific type of weakness. Variants are weaknesses described at a very low level of detail, typically limited to a specific language or technology.

A chain is a sequence of weaknesses that must be reached consecutively in order to exploit a vulnerability. A composite is a set of weaknesses that must all be present simultaneously to exploit a vulnerability.
