Skip to content

Fix incorrect CWE names in A07 and A09 mapped CWE lists (#936)#942

Open
Uditbhardwajj wants to merge 2 commits intoOWASP:masterfrom
Uditbhardwajj:master
Open

Fix incorrect CWE names in A07 and A09 mapped CWE lists (#936)#942
Uditbhardwajj wants to merge 2 commits intoOWASP:masterfrom
Uditbhardwajj:master

Conversation

@Uditbhardwajj
Copy link
Copy Markdown

@Uditbhardwajj Uditbhardwajj commented Mar 22, 2026

This PR corrects the names of CWE-298, CWE-299, and CWE-221 in the "List of Mapped CWEs" section for A07 and A09.

The names have been updated to match the official CWE definitions from MITRE.

  • CWE-298: Updated to "Improper Validation of Certificate Expiration"
  • CWE-299: Updated to "Improper Check for Certificate Revocation"
  • CWE-221: Corrected typo ("of" → "or")

Fixes #936

@Uditbhardwajj
Improper Check for Certificate Revocation
70d16f4 
Updated CWE-298 and CWE-299 names to match official CWE definitions.
@Uditbhardwajj
Correct CWE-221 description in security logging document
a480199 
 CWE-221: Fixed typo ("of" → "or")
@NureddinSoltan
Copy link
Copy Markdown

NureddinSoltan commented Mar 22, 2026

Duplicate of #937. Close it please.

@Uditbhardwajj
Copy link
Copy Markdown
Author

Uditbhardwajj commented Mar 23, 2026

Thanks for pointing that out ,I missed that it was already fixed.

I’ll double-check existing issues and PRs more carefully next time before working on something similar.

Appreciate the guidance!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[A07, A09:2025] Incorrect CWE-221, CWE-298, CWE-299 Name in List of Mapped CWEs

2 participants

@Uditbhardwajj @NureddinSoltan