Lib.rs

Parser implementations
#vulnerabilities #security #cwe #weakness #mitre

cwe-xml

A local in-memory, queryable, and navigable CWE database initialized with one or multiple CWE XML files

by Laurent Quérel

14 releases (6 breaking)

0.7.2 Aug 17, 2023
0.7.1 Jul 2, 2023
0.7.0 Jun 23, 2023

#2155 in Parser implementations

Apache-2.0

41KB
1K SLoC

CWE XML

A local in-memory, queryable, and navigable CWE database initialized with one or multiple CWE XML files. This crate provides a Rust mapping to CWE XML files from the MITRE project.

CWE stands for Common Weakness Enumeration.

XML files are available here.

Features

  • Import multiple CWE catalogs (XML format) into a single CWE database.
  • Navigate CWE hierarchies and list CWE roots.
  • Query the database for weakness by CWE-ID.
  • Query the database for categories by CWE-ID.
  • Infer categories (i.e. weakness inherit categories of their parents).

Status

  • All CWE files from the Mitre project have been loaded and deserialized with this crate.
  • Still very early, no unit tests, no documentation.

Examples

Dependencies

~11–25MB
~391K SLoC