cwe2: CWE common weakness enumeration library

3.0.0 verified Sat May 09 auth: no python

cwe2 is a Python library for working with the Common Weakness Enumeration (CWE) dictionary. Version 3.0.0 provides access to CWE data including weaknesses, categories, and views. The library is actively maintained with periodic releases.

pip install cwe2

Common errors

error ModuleNotFoundError: No module named 'cwe' ↓

cause Importing the wrong module name. The correct package is 'cwe2', not 'cwe'.

fix

Run: pip install cwe2 and use 'from cwe2 import CWE'.

error AttributeError: 'Weakness' object has no attribute '__getitem__' ↓

cause Accessing Weakness object as a dict. In version 3.0.0, CWE.get() returns a Weakness object, not a dict.

fix

Access attributes directly: weakness.name, weakness.description, etc.

error ValueError: CWE ID must start with 'CWE-' ↓

cause Passing an ID without the 'CWE-' prefix.

fix

Use 'CWE-79' instead of '79'.

error requests.exceptions.ConnectionError: Failed to download CWE data ↓

cause No internet connection or the CWE data source is unreachable.

fix

Check internet connectivity. If behind a proxy, set HTTP_PROXY environment variable.

Warnings

breaking Version 3.0.0 changed the API: the CWE class is now imported from cwe2 instead of cwe2.cwe. Also the get() method returns a Weakness object instead of a dict. ↓

fix Update imports to 'from cwe2 import CWE' and access attributes like weakness.name instead of weakness['name'].

gotcha CWE data is not bundled; it's downloaded on first instantiation. Requires internet access and write permissions to the cache directory. ↓

fix Ensure internet connectivity. Set CWE_CACHE_DIR environment variable to a writable path if default (e.g., ~/.cwe) is not accessible.

gotcha CWE IDs must include the 'CWE-' prefix. Using just '79' will raise an error. ↓

fix Always pass full CWE ID string, e.g., 'CWE-79'.

Imports

CWE
wrong
```
import cwe
```
correct
```
from cwe2 import CWE
```
cwe2 is the correct package name; import cwe will fail unless another library named cwe exists.

Quickstart

Initialize CWE object and fetch a weakness by its CWE-ID. The library downloads the CWE data on first use.

from cwe2 import CWE

# Load CWE database
cwe = CWE()
# Get a specific weakness by ID
weakness = cwe.get('CWE-79')
print(weakness.name)
print(weakness.description)