CWE-664 - Improper control of a resource through its lifetime

Description

The software does not maintain or incorrectly maintains control over a resource throughout its lifetime of creation, use, and release.

Resources often have explicit instructions on how to be created, used and destroyed. When software does not follow these instructions, it can lead to unexpected behaviors and potentially exploitable states.

Even without explicit instructions, various principles are expected to be adhered to, such as "Do not use an object until after its creation is complete," or "do not use an object after it has been slated for destruction."

Latest vulnerabilities for CWE-664

Multiple vulnerabilities in Microsoft Edge 2024-03-25
High Yes

Multiple vulnerabilities in Google Chrome 2024-03-19
High Yes

Multiple vulnerabilities in IBM i Access Client Solutions 2024-01-05
High Yes

Multiple vulnerabilities in IBM Engineering Requirements Management DOORS/DWA 2023-10-27
Critical Yes

Improper control of a resource through its lifetime in IBM UrbanCode Deploy (UCD) 2023-10-24
Low Yes

Splunk Enterprise update for third-party packages 2023-09-04
High Yes

Multiple vulnerabilities in Dell Data Protection Central 2023-08-16
High Yes

Multiple vulnerabilities in Dell EMC PowerScale OneFS 2023-08-07
Medium Yes

Splunk Universal Forwarder update for third-party packages 2023-06-05
High Yes

Multiple vulnerabilities in IBM Cloud Pak for Multicloud Management Monitoring 2023-02-01
Critical Yes

References

Description of CWE-664 on Mitre website