# CodeQL CWE coverage

An overview of the coverage of MITRE's Common Weakness Enumeration (CWE) for the latest release of CodeQL.

## About CWEs

The CWE categorization contains several types of entity, collectively known as CWEs. The CWEs that we consider in this report are only those of the types:

- Weakness Class
- Weakness Base
- Weakness Variant
- Compound Element

Other types of CWE do not correspond directly to weaknesses, so are omitted.

The CWE categorization includes relationships between entities, in particular a parent-child relationship.
These relationships are associated with Views (another kind of CWE entity). For the purposes of coverage claims, we use the "[Research View](https://cwe.mitre.org/data/definitions/1000.html)."

Every security query is associated with one or more CWEs, which are the most precise CWEs that are covered by that query.
Overall coverage is claimed for the most-precise CWEs, as well as for any of their ancestors in the View.

## Overview

<!-- autogenerated CWE coverage table will be added below -->