Problem
In X01_2025-Next_Steps.md, the X01:2025 Lack of Application Resilience section contains an incorrect "List of Mapped CWEs".
Evidence
- Background section (line 12) mentions relevant CWEs as:
  - CWE-400 Uncontrolled Resource Consumption
  - CWE-409 Improper Handling of Highly Compressed Data (Data Amplification)
  - CWE-674 Uncontrolled Recursion
  - CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')
- Score table (lines 18-59) states "CWEs Mapped: 16"
- List of Mapped CWEs section (lines 110-149) contains 39 entries:
  - None of which include CWE-400, 409, 674, or 835
  - The 39 CWEs listed are identical to A06:2025 Insecure Design's CWE list
Root Cause (suspected)
The CWE list for X01:2025 appears to have been accidentally copied from A06_2025-Insecure_Design.md during document preparation.
Expected
The X01:2025 CWE list should:
- Match the count in the score table (16)
- Include the CWEs mentioned in the Background section (400, 409, 674, 835)
- Contain resilience-related CWEs appropriate for this category
Files affected
- 2025/docs/en/X01_2025-Next_Steps.md
- Section: X01:2025 Lack of Application Resilience
- Lines: 110-149 (List of Mapped CWEs)
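The three checks this report relies on (declared count against list length, Background CWEs present in the list, list identical to another category's) can be automated. The script below is an added example, not part of the original issue or the OWASP repository; the `###` section headings, the `CWEs Mapped:` line format, and the sample CWE ids are constructed assumptions rather than the real file's layout.

```python
import re

# Constructed sample, NOT the real X01_2025-Next_Steps.md; the layout is assumed.
SAMPLE = """\
## X01:2025 Lack of Application Resilience
### Background
Relevant CWEs include CWE-400, CWE-409, CWE-674 and CWE-835.
### Score table
CWEs Mapped: 16
### List of Mapped CWEs
* CWE-73
* CWE-183
* CWE-256
"""
# Constructed stand-in for another category's mapped list (ids are placeholders).
OTHER_LISTS = {"A06:2025": {73, 183, 256}}


def split_sections(md):
    """Map each '### ' heading to the text that follows it."""
    parts = re.split(r"^### +(.+)$", md, flags=re.M)
    return {parts[i].strip(): parts[i + 1] for i in range(1, len(parts), 2)}


def cwe_ids(text):
    """Return the set of numeric CWE ids mentioned in text."""
    return {int(n) for n in re.findall(r"\bCWE-(\d+)\b", text)}


def check_category(md, other_lists=None):
    """Return a dict of inconsistencies; an empty dict means the section is consistent."""
    sec = split_sections(md)
    listed = cwe_ids(sec.get("List of Mapped CWEs", ""))
    findings = {}
    declared = re.search(r"CWEs Mapped:\s*(\d+)", sec.get("Score table", ""))
    if declared and int(declared.group(1)) != len(listed):
        findings["count"] = (int(declared.group(1)), len(listed))
    missing = cwe_ids(sec.get("Background", "")) - listed
    if missing:
        findings["missing_from_list"] = sorted(missing)
    dupes = sorted(k for k, ids in (other_lists or {}).items() if ids == listed)
    if dupes:
        findings["identical_to"] = dupes
    return findings


if __name__ == "__main__":
    print(check_category(SAMPLE, OTHER_LISTS))
```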