CWE WEAKNESSES / CWE-664
CWE-664
Improper Control of a Resource Through its Lifetime
What it is
The product does not maintain or incorrectly maintains control over a resource throughout its lifetime of creation, use, and release.
Resources often have explicit instructions on how to be created, used and destroyed. When code does not follow these instructions, it can lead to unexpected behaviors and potentially exploitable states.Even without explicit instructions, various principles are expected to be adhered to, such as "Do not use an object until after its creation is complete," or "do not use an object after it has been slated for destruction."
Impact
| Other | Other |
Real-world CVE examples
- CVE-2018-1000613 — Cryptography API uses unsafe reflection when deserializing a private key
- CVE-2019-19911 — Chain: Python library does not limit the resources used to process images that specify a very large number of bands (CWE-1284), leading to excessive memory cons
Browse all common weaknesses, check related exploited CVEs, or map to ATT&CK techniques.
Source: MITRE CWE. View on cwe.mitre.org →