The cwe database is incomplete #4

Open
firmianay opened this issue Dec 13, 2022 · 4 comments
@firmianay

https://cwe.mitre.org/data/definitions/399.html

>>> from cwe2.database import Database
>>> db = Database()
>>> db.get(399)
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/Users/yangchao/.virtualenvs/cve-env/lib/python3.10/site-packages/cwe2/database.py", line 58, in get
    raise Exception(f"Invalid CWE ID {cwe_id} - {category or ''}")
Exception: Invalid CWE ID 399 - 
@ziadhany
Collaborator

@firmianay Good catch, I will fix this problem and I will test it against the nvd importer (vulnerablecode project) to make sure all CWE IDs are working.

@ziadhany
Collaborator

@firmianay
I couldn't find CWE-399 on https://cwe.mitre.org/data/downloads.html,
(this CWE ID must not be used to map to real-world vulnerabilities).
https://cwe.mitre.org/data/definitions/399.html

Notes:
Mapping
Use for Mapping: Prohibited (this CWE ID must not be used to map to real-world vulnerabilities).

But it would be great if you have any resources so we can gather that.
Similar issue:
CWE-264: Julian-Nash/cwe#3

@pombredanne
Member

@ziadhany I think you found a solution based on our last community calls, correct?
In the end we will support things that should not be used, because they are still used in the wild?

@ziadhany
Collaborator

ziadhany commented Mar 8, 2023

@pombredanne Yes, now we support all CWE CATEGORY entries and I am preparing for a release.

>>> db.get(399)
Weakness(cwe_id='399', name='Resource Management Errors', weakness_abstraction=None, status='Draft', description='Weaknesses in this category are related to improper management of system resources.', extended_description=(None,), related_weaknesses=(None,), weakness_ordinalities=(None,), applicable_platforms=None, background_details=None, alternate_terms=None, modes_of_introduction=None, exploitation_factors=None, likelihood_of_exploit=None, common_consequences=None, detection_methods=None, potential_mitigations=None, observed_examples=None, functional_areas=None, affected_resources=None, taxonomy_mappings=None, related_attack_patterns=None, notes=None)
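
Added example, not part of the thread and not cwe2's code: one way a feed consumer can index both weaknesses and categories so that IDs such as CWE-399 resolve and are flagged for remapping instead of raising. The XML is a constructed, simplified fragment, and `build_index`, `resolve` and the review strings are hypothetical names.

```python
import re
import xml.etree.ElementTree as ET

# Constructed, simplified catalog fragment (not the real MITRE download).
CATALOG = """\
<Weakness_Catalog>
  <Weaknesses>
    <Weakness ID="79" Name="Cross-site Scripting" Status="Stable"/>
  </Weaknesses>
  <Categories>
    <Category ID="399" Name="Resource Management Errors" Status="Draft"/>
    <Category ID="264" Name="Permissions, Privileges, and Access Controls" Status="Draft"/>
  </Categories>
</Weakness_Catalog>
"""

# Accepts "CWE-399", "cwe-399" or "399"; anything else is not a numeric ID.
CWE_RE = re.compile(r"^\s*(?:CWE-)?(\d+)\s*$", re.IGNORECASE)

def build_index(xml_text):
    """Index weaknesses AND categories by integer ID, recording the kind."""
    index = {}
    root = ET.fromstring(xml_text)
    for section, tag, kind in (("Weaknesses", "Weakness", "weakness"),
                               ("Categories", "Category", "category")):
        for el in root.findall(f"{section}/{tag}"):
            index[int(el.get("ID"))] = {"name": el.get("Name"),
                                        "status": el.get("Status"),
                                        "kind": kind}
    return index

def resolve(index, raw):
    """Resolve a feed value without raising; say why it needs review."""
    m = CWE_RE.match(raw or "")
    if not m:
        return {"input": raw, "found": False, "review": "not a numeric CWE ID"}
    entry = index.get(int(m.group(1)))
    if entry is None:
        return {"input": raw, "found": False, "review": "ID not in catalog"}
    # Assumption: every category is flagged the way the note quoted in the
    # thread flags CWE-399 (not to be used for mapping).
    review = "category, remap to a weakness" if entry["kind"] == "category" else None
    return {"input": raw, "found": True, "review": review, **entry}

INDEX = build_index(CATALOG)
```
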
