CWE-868: SEI CERT C++ Coding Standard Adherence

The CWE entries depicted in this graph have been addressed to either a full or partial extent through adherence to the SEI CERT C++ Coding Standard, which was published in 2016. It should be noted that this view is no longer actively updated and solely reflects the coding rules as they stood in 2016.

The tree-like relationships between weaknesses at different levels of abstraction can be seen in the graph below. At the highest level, there are categories and pillars that serve to group weaknesses. Categories, although not weaknesses themselves, are special CWE entries used to group weaknesses with common characteristics. Pillars, on the other hand, are weaknesses described in a highly abstract manner. Below these top-level entries, there are weaknesses at various levels of abstraction. Classes are still quite abstract and are typically not tied to any specific language or technology. Base level weaknesses, on the other hand, provide a more specific type of weakness. Variants are weaknesses that are described in great detail, usually limited to a specific language or technology. Chains consist of weaknesses that must be sequentially accessible to exploit a vulnerability. Conversely, composites are collections of weaknesses that must all be simultaneously present to exploit a vulnerability.