...
- A three-letter mnemonic representing the section of the standard
- A two-digit numeric value in the range of 00 to 99
- A suffix that represents the associated language or platform.
- "-C" for the c
- "-CPP" for the cplusplus
- "-J" for the SEI CERT Oracle Coding Standard for Java java
- "-PL" for the SEI CERT Perl Coding Standard perl
The three-letter mnemonic can be is used to group similar coding practices and to indicate which category a coding practice belongs to.
...
Recommendations are not compulsory and are provided for information purposes only.
Automated Detection
Both On the wiki, both rules and recommendations frequently have sections that describe automated detection. These sections provide additional information on analyzers that can automatically diagnose violations of coding guidelines. Most automated analyses for the C++ programming language are neither sound nor complete, so the inclusion of a tool in this section typically means that the tool can diagnose some violations of this particular rule. The Secure Coding Validation Suite can be used to test the ability of analyzers to diagnose violations of rules from ISO/IEC TS 17961:2013, which is related to the rules in the c.
...
You can create a unique URL to get more information on CWEs by appending the relevant ID to the end of a fixed string. For example, to find more information about "CWE-192, : Integer Coercion Error,” " you can append 192.html to http://cwe.mitre.org/data/definitions/ and enter the resulting URL in your browser: http://cwe.mitre.org/data/definitions/192.html.
...