Matthew Nelson
Mitre has added 137 new entries to an online database of software security weaknesses, Inside Defense reported Monday.
Version 3.2 of the Common Weakness Enumeration also includes one “deprecated” item and 534 amended entries, which the nonprofit company attributed to changes in names, relationship, description and references.
The community-developed list seeks to provide a common baseline standard for developers and security professionals to identify, prevent and address vulnerabilities in software products.
CWE was based on the Preliminary List Of Vulnerability Examples for Researchers, which Mitre produced through the National Institute of Standards and Technology‘s Software Assurance Metrics and Tool Evaluation project.
The company released the database’s version 3.1 in late March of last year.
