CWE-664 - Improper control of a resource through its lifetime

Description

The software does not maintain or incorrectly maintains control over a resource throughout its lifetime of creation, use, and release.

Resources often have explicit instructions on how to be created, used and destroyed. When software does not follow these instructions, it can lead to unexpected behaviors and potentially exploitable states.

Even without explicit instructions, various principles are expected to be adhered to, such as "Do not use an object until after its creation is complete," or "do not use an object after it has been slated for destruction."

Latest vulnerabilities for CWE-664

Multiple vulnerabilities in Citrix Workspace app for Windows 2024-09-17
Low Yes

Multiple vulnerabilities in Siemens SCALANCE W700 802.11 AX Family 2024-06-14
Medium No

Multiple vulnerabilities in Microsoft Edge 2024-03-25
High Yes

Multiple vulnerabilities in Google Chrome 2024-03-19
High Yes

Multiple vulnerabilities in IBM i Access Client Solutions 2024-01-05
High Yes

Multiple vulnerabilities in IBM Engineering Requirements Management DOORS/DWA 2023-10-27
Critical Yes

Improper control of a resource through its lifetime in IBM UrbanCode Deploy (UCD) 2023-10-24
Low Yes

Splunk Enterprise update for third-party packages 2023-09-04
High Yes

Multiple vulnerabilities in Dell Data Protection Central 2023-08-16
High Yes

Multiple vulnerabilities in Dell EMC PowerScale OneFS 2023-08-07
Medium Yes

References

Description of CWE-664 on Mitre website