CWE-404 - Improper Resource Shutdown or Release

Description

The program does not release or incorrectly releases a resource before it is made available for re-use. When a resource is created or allocated, the developer is responsible for properly releasing the resource as well as accounting for all potential paths of expiration or invalidation, such as a set period of time or revocation.

Latest vulnerabilities for CWE-404

Denial of service in Cisco ASA AnyConnect SSL/TLS VPN 2023-11-01
Medium Yes

Denial of service in Duktape 2023-08-18
Medium Yes

Denial of service in Eclipse Californium 2023-05-05
Medium Yes

Improper resource shutdown in HP Integrated Lights-Out 3 and 4 2023-04-11
Low Yes

Denial of service in Linux kernel Netfilter 2023-01-10
Low Yes

Denial of service in Mitsubishi Electric MELSEC iQ-R, iQ-L Series and MELIPC Series 2023-01-03
Medium Yes

Multiple vulnerabilities in MediaTek chipsets 2022-10-03
Medium Yes

Multiple vulnerabilities in IBM Netezza Host Management 2022-09-16
Low Yes

Denial of service in F5 BIG-IP 2022-08-05
Medium Yes

Denial of service in BIG-IP HTTP MRF 2022-08-04
Medium Yes

References

Description of CWE-404 on Mitre website