Skip to main content

Common weakness enumeration wrapper for Python

Project description

CWE Common weakness enumeration library for Python

Python package

https://cwe.mitre.org/index.html

Installation

pip install cwe

Usage

  • Get a CWE by ID:
>>> from cwe import Database
>>> db = Database()
>>> db.get(15)
Weakness(cwe_id=15, name=External Control of System or Configuration Setting)
  • Access attributes of the Weakness using dot notation
>>> weakness = db.get(15)
>>> weakness.description
'One or more system settings or configuration elements can be externally controlled by a user.'
  • Or use the weakness get method
>>> weakness.get("status", None)
'Incomplete'
  • Get a dictionary of the weakness (Truncated for this example)
>>> weakness.to_dict()
{'cwe_id': '15', 'name': 'External Control of System or Configuration Setting', 'weakness_abstraction': 'Base'}
  • Get the top 25 weaknesses
>>> from cwe import Database
>>> db = Database()
>>> db.get_top_25()

Weakness attributes

The following weakness object attributes can accessed:

  • cwe_id
  • name
  • weakness_abstraction
  • status
  • description
  • extended_description
  • related_weaknesses
  • weakness_ordinalities
  • applicable_platforms
  • background_details
  • alternate_terms
  • modes_of_introduction
  • exploitation_factors
  • likelihood_of_exploit
  • common_consequences
  • detection_methods
  • potential_mitigations
  • observed_examples
  • functional_areas
  • affected_resources
  • taxonomy_mappings
  • related_attack_patterns
  • notes

Tests

There's a small unittest test suite in the tests directory

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

cwe-1.6.tar.gz (660.9 kB view hashes)

Uploaded Source

Built Distribution

cwe-1.6-py3-none-any.whl (527.3 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page