Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CWE CATEGORY:Comprehensive Categorization: Resource Lifecycle Management
Category ID:1416
Vulnerability Mapping:Prohibited
Status:Incomplete
DetailsContent HistoryObserved CVE ExamplesReports
▼Summary

Weaknesses in this category are related to resource lifecycle management.

▼Membership
NatureMappingTypeIDName
MemberOfProhibitedV1400Comprehensive Categorization for Software Assurance Trends
HasMemberDiscouragedC118Incorrect Access of Indexable Resource ('Range Error')
HasMemberProhibitedV1042Static Member Data Element outside of a Singleton Class Element
HasMemberAllowedB1046Creation of Immutable Text Using String Concatenation
HasMemberAllowedB1049Excessive Data Query Operations in a Large Data Table
HasMemberAllowedB1050Excessive Platform Resource Consumption within a Loop
HasMemberProhibitedB1051Initialization with Hard-Coded Network Resource Configuration Data
HasMemberAllowedB1052Excessive Use of Hard-Coded Literals in Initialization
HasMemberProhibitedB1063Creation of Class Instance within a Static Code Block
HasMemberAllowedB1067Excessive Execution of Sequential Searches of Data Resource
HasMemberProhibitedB1072Data Resource Access without Use of Connection Pooling
HasMemberProhibitedB1073Non-SQL Invokable Control Element with Excessive Number of Data Resource Accesses
HasMemberProhibitedB1084Invokable Control Element with Excessive File or Data Access Operations
HasMemberAllowedB1089Large Data Table with Excessive Number of Indices
HasMemberAllowedB1091Use of Object without Invoking Destructor Method
HasMemberProhibitedB1094Excessive Index Range Scan for a Data Resource
HasMemberAllowed-with-ReviewC1176Inefficient CPU Computation
HasMemberAllowedB1188Initialization of a Resource with an Insecure Default
HasMemberAllowedB1221Incorrect Register Defaults or Module Parameters
HasMemberAllowed-with-ReviewC1229Creation of Emergent Resource
HasMemberAllowedB1235Incorrect Use of Autoboxing and Unboxing for Performance Critical Operations
HasMemberAllowedV1239Improper Zeroization of Hardware Register
HasMemberAllowedB1246Improper Write Handling in Limited-write Non-Volatile Memories
HasMemberAllowedB1250Improper Preservation of Consistency Between Independent Representations of Shared State
HasMemberAllowedB1258Exposure of Sensitive System Information Due to Uncleared Debug Information
HasMemberAllowedB1266Improper Scrubbing of Sensitive Data from Decommissioned Device
HasMemberAllowedB1271Uninitialized Value on Reset for Registers Holding Security Settings
HasMemberAllowedB1272Sensitive Information Uncleared Before Debug/Power State Transition
HasMemberAllowedB1279Cryptographic Operations are run Before Supporting Units are Ready
HasMemberAllowedB1301Insufficient or Incomplete Data Removal within Hardware Component
HasMemberAllowedB1325Improperly Controlled Sequential Memory Allocation
HasMemberAllowedV1330Remanent Data Readable after Memory Erase
HasMemberAllowedB1333Inefficient Regular Expression Complexity
HasMemberAllowedB1342Information Exposure through Microarchitectural State after Transient Execution
HasMemberAllowedB1386Insecure Operation on Windows Junction / Mount Point
HasMemberAllowedB1389Incorrect Parsing of Numbers with Different Radices
HasMemberAllowed-with-ReviewC1419Incorrect Initialization of Resource
HasMemberAllowed-with-ReviewB1420Exposure of Sensitive Information during Transient Execution
HasMemberAllowedB1421Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution
HasMemberAllowedB1422Exposure of Sensitive Information caused by Incorrect Data Forwarding during Transient Execution
HasMemberAllowedB1423Exposure of Sensitive Information caused by Shared Microarchitectural Predictor State that Influences Transient Execution
HasMemberAllowedB178Improper Handling of Case Sensitivity
HasMemberAllowedV192Integer Coercion Error
HasMemberAllowedV194Unexpected Sign Extension
HasMemberAllowedV195Signed to Unsigned Conversion Error
HasMemberAllowedV196Unsigned to Signed Conversion Error
HasMemberAllowedB197Numeric Truncation Error
HasMemberAllowedB212Improper Removal of Sensitive Information Before Storage or Transfer
HasMemberAllowed-with-ReviewC221Information Loss or Omission
HasMemberAllowedB226Sensitive Information in Resource Not Removed Before Reuse
HasMemberAllowedV243Creation of chroot Jail Without Changing Working Directory
HasMemberDiscouragedB372Incomplete Internal State Distinction
HasMemberAllowedB386Symbolic Name not Mapping to Correct Object
HasMemberAllowedB409Improper Handling of Highly Compressed Data (Data Amplification)
HasMemberDiscouragedC400Uncontrolled Resource Consumption
HasMemberAllowed-with-ReviewC404Improper Resource Shutdown or Release
HasMemberAllowed-with-ReviewC405Asymmetric Resource Consumption (Amplification)
HasMemberAllowed-with-ReviewC406Insufficient Control of Network Message Volume (Network Amplification)
HasMemberAllowed-with-ReviewC407Inefficient Algorithmic Complexity
HasMemberAllowedC410Insufficient Resource Pool
HasMemberAllowedB434Unrestricted Upload of File with Dangerous Type
HasMemberAllowedV453Insecure Default Variable Initialization
HasMemberAllowedB454External Initialization of Trusted Variables or Data Stores
HasMemberAllowedV456Missing Initialization of a Variable
HasMemberAllowedV457Use of Uninitialized Variable
HasMemberAllowedB459Incomplete Cleanup
HasMemberAllowedB460Improper Cleanup on Thrown Exception
HasMemberAllowedB471Modification of Assumed-Immutable Data (MAID)
HasMemberAllowedB487Reliance on Package-level Scope
HasMemberAllowedV495Private Data Structure Returned From A Public Method
HasMemberAllowedV496Public Data Assigned to Private Array-Typed Field
HasMemberAllowedB501Trust Boundary Violation
HasMemberAllowedV568finalize() Method Without super.finalize()
HasMemberAllowedV580clone() Method Without super.clone()
HasMemberAllowedV588Attempt to Access Child of a Non-structure Pointer
HasMemberAllowedV607Public Static Final Field References Mutable Object
HasMemberDiscouragedC610Externally Controlled Reference to a Resource in Another Sphere
HasMemberAllowedV618Exposed Unsafe ActiveX Method
HasMemberDiscouragedC662Improper Synchronization
HasMemberDiscouragedP664Improper Control of a Resource Through its Lifetime
HasMemberDiscouragedC665Improper Initialization
HasMemberDiscouragedC666Operation on Resource in Wrong Phase of Lifetime
HasMemberAllowed-with-ReviewC669Incorrect Resource Transfer Between Spheres
HasMemberAllowed-with-ReviewC673External Influence of Sphere Definition
HasMemberAllowedB681Incorrect Conversion between Numeric Types
HasMemberAllowed-with-ReviewC704Incorrect Type Conversion or Cast
HasMemberAllowed-with-ReviewC706Use of Incorrectly-Resolved Name or Reference
HasMemberAllowedB749Exposed Dangerous Method or Function
HasMemberAllowedB770Allocation of Resources Without Limits or Throttling
HasMemberAllowedB771Missing Reference to Active Allocated Resource
HasMemberAllowedB772Missing Release of Resource after Effective Lifetime
HasMemberAllowedV773Missing Reference to Active File Descriptor or Handle
HasMemberAllowedV774Allocation of File Descriptors or Handles Without Limits or Throttling
HasMemberAllowedV775Missing Release of File Descriptor or Handle after Effective Lifetime
HasMemberAllowedB776Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
HasMemberAllowedB779Logging of Excessive Data
HasMemberAllowedV782Exposed IOCTL with Insufficient Access Control
HasMemberAllowedV827Improper Control of Document Type Definition
HasMemberAllowedB829Inclusion of Functionality from Untrusted Control Sphere
HasMemberAllowedV830Inclusion of Web Functionality from an Untrusted Source
HasMemberAllowedB843Access of Resource Using Incompatible Type ('Type Confusion')
HasMemberAllowedB908Use of Uninitialized Resource
HasMemberAllowed-with-ReviewC909Missing Initialization of Resource
HasMemberAllowedB911Improper Update of Reference Count
HasMemberAllowed-with-ReviewC913Improper Control of Dynamically-Managed Code Resources
HasMemberAllowedB920Improper Restriction of Power Consumption
HasMemberAllowed-with-ReviewC922Insecure Storage of Sensitive Information
HasMemberAllowedV98Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
Nature: MemberOf
Mapping: Prohibited
Type: View
ID: 1400
Name: Comprehensive Categorization for Software Assurance Trends
Nature: HasMember
Mapping: Discouraged
Type: Class
ID: 118
Name: Incorrect Access of Indexable Resource ('Range Error')
Nature: HasMember
Mapping: Prohibited
Type: Variant
ID: 1042
Name: Static Member Data Element outside of a Singleton Class Element
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1046
Name: Creation of Immutable Text Using String Concatenation
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1049
Name: Excessive Data Query Operations in a Large Data Table
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1050
Name: Excessive Platform Resource Consumption within a Loop
Nature: HasMember
Mapping: Prohibited
Type: Base
ID: 1051
Name: Initialization with Hard-Coded Network Resource Configuration Data
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1052
Name: Excessive Use of Hard-Coded Literals in Initialization
Nature: HasMember
Mapping: Prohibited
Type: Base
ID: 1063
Name: Creation of Class Instance within a Static Code Block
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1067
Name: Excessive Execution of Sequential Searches of Data Resource
Nature: HasMember
Mapping: Prohibited
Type: Base
ID: 1072
Name: Data Resource Access without Use of Connection Pooling
Nature: HasMember
Mapping: Prohibited
Type: Base
ID: 1073
Name: Non-SQL Invokable Control Element with Excessive Number of Data Resource Accesses
Nature: HasMember
Mapping: Prohibited
Type: Base
ID: 1084
Name: Invokable Control Element with Excessive File or Data Access Operations
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1089
Name: Large Data Table with Excessive Number of Indices
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1091
Name: Use of Object without Invoking Destructor Method
Nature: HasMember
Mapping: Prohibited
Type: Base
ID: 1094
Name: Excessive Index Range Scan for a Data Resource
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 1176
Name: Inefficient CPU Computation
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1188
Name: Initialization of a Resource with an Insecure Default
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1221
Name: Incorrect Register Defaults or Module Parameters
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 1229
Name: Creation of Emergent Resource
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1235
Name: Incorrect Use of Autoboxing and Unboxing for Performance Critical Operations
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 1239
Name: Improper Zeroization of Hardware Register
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1246
Name: Improper Write Handling in Limited-write Non-Volatile Memories
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1250
Name: Improper Preservation of Consistency Between Independent Representations of Shared State
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1258
Name: Exposure of Sensitive System Information Due to Uncleared Debug Information
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1266
Name: Improper Scrubbing of Sensitive Data from Decommissioned Device
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1271
Name: Uninitialized Value on Reset for Registers Holding Security Settings
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1272
Name: Sensitive Information Uncleared Before Debug/Power State Transition
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1279
Name: Cryptographic Operations are run Before Supporting Units are Ready
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1301
Name: Insufficient or Incomplete Data Removal within Hardware Component
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1325
Name: Improperly Controlled Sequential Memory Allocation
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 1330
Name: Remanent Data Readable after Memory Erase
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1333
Name: Inefficient Regular Expression Complexity
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1342
Name: Information Exposure through Microarchitectural State after Transient Execution
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1386
Name: Insecure Operation on Windows Junction / Mount Point
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1389
Name: Incorrect Parsing of Numbers with Different Radices
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 1419
Name: Incorrect Initialization of Resource
Nature: HasMember
Mapping: Allowed-with-Review
Type: Base
ID: 1420
Name: Exposure of Sensitive Information during Transient Execution
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1421
Name: Exposure of Sensitive Information in Shared Microarchitectural Structures during Transient Execution
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1422
Name: Exposure of Sensitive Information caused by Incorrect Data Forwarding during Transient Execution
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1423
Name: Exposure of Sensitive Information caused by Shared Microarchitectural Predictor State that Influences Transient Execution
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 178
Name: Improper Handling of Case Sensitivity
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 192
Name: Integer Coercion Error
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 194
Name: Unexpected Sign Extension
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 195
Name: Signed to Unsigned Conversion Error
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 196
Name: Unsigned to Signed Conversion Error
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 197
Name: Numeric Truncation Error
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 212
Name: Improper Removal of Sensitive Information Before Storage or Transfer
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 221
Name: Information Loss or Omission
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 226
Name: Sensitive Information in Resource Not Removed Before Reuse
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 243
Name: Creation of chroot Jail Without Changing Working Directory
Nature: HasMember
Mapping: Discouraged
Type: Base
ID: 372
Name: Incomplete Internal State Distinction
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 386
Name: Symbolic Name not Mapping to Correct Object
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 409
Name: Improper Handling of Highly Compressed Data (Data Amplification)
Nature: HasMember
Mapping: Discouraged
Type: Class
ID: 400
Name: Uncontrolled Resource Consumption
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 404
Name: Improper Resource Shutdown or Release
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 405
Name: Asymmetric Resource Consumption (Amplification)
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 406
Name: Insufficient Control of Network Message Volume (Network Amplification)
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 407
Name: Inefficient Algorithmic Complexity
Nature: HasMember
Mapping: Allowed
Type: Class
ID: 410
Name: Insufficient Resource Pool
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 434
Name: Unrestricted Upload of File with Dangerous Type
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 453
Name: Insecure Default Variable Initialization
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 454
Name: External Initialization of Trusted Variables or Data Stores
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 456
Name: Missing Initialization of a Variable
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 457
Name: Use of Uninitialized Variable
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 459
Name: Incomplete Cleanup
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 460
Name: Improper Cleanup on Thrown Exception
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 471
Name: Modification of Assumed-Immutable Data (MAID)
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 487
Name: Reliance on Package-level Scope
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 495
Name: Private Data Structure Returned From A Public Method
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 496
Name: Public Data Assigned to Private Array-Typed Field
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 501
Name: Trust Boundary Violation
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 568
Name: finalize() Method Without super.finalize()
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 580
Name: clone() Method Without super.clone()
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 588
Name: Attempt to Access Child of a Non-structure Pointer
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 607
Name: Public Static Final Field References Mutable Object
Nature: HasMember
Mapping: Discouraged
Type: Class
ID: 610
Name: Externally Controlled Reference to a Resource in Another Sphere
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 618
Name: Exposed Unsafe ActiveX Method
Nature: HasMember
Mapping: Discouraged
Type: Class
ID: 662
Name: Improper Synchronization
Nature: HasMember
Mapping: Discouraged
Type: Pillar
ID: 664
Name: Improper Control of a Resource Through its Lifetime
Nature: HasMember
Mapping: Discouraged
Type: Class
ID: 665
Name: Improper Initialization
Nature: HasMember
Mapping: Discouraged
Type: Class
ID: 666
Name: Operation on Resource in Wrong Phase of Lifetime
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 669
Name: Incorrect Resource Transfer Between Spheres
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 673
Name: External Influence of Sphere Definition
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 681
Name: Incorrect Conversion between Numeric Types
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 704
Name: Incorrect Type Conversion or Cast
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 706
Name: Use of Incorrectly-Resolved Name or Reference
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 749
Name: Exposed Dangerous Method or Function
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 770
Name: Allocation of Resources Without Limits or Throttling
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 771
Name: Missing Reference to Active Allocated Resource
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 772
Name: Missing Release of Resource after Effective Lifetime
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 773
Name: Missing Reference to Active File Descriptor or Handle
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 774
Name: Allocation of File Descriptors or Handles Without Limits or Throttling
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 775
Name: Missing Release of File Descriptor or Handle after Effective Lifetime
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 776
Name: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 779
Name: Logging of Excessive Data
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 782
Name: Exposed IOCTL with Insufficient Access Control
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 827
Name: Improper Control of Document Type Definition
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 829
Name: Inclusion of Functionality from Untrusted Control Sphere
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 830
Name: Inclusion of Web Functionality from an Untrusted Source
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 843
Name: Access of Resource Using Incompatible Type ('Type Confusion')
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 908
Name: Use of Uninitialized Resource
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 909
Name: Missing Initialization of Resource
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 911
Name: Improper Update of Reference Count
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 913
Name: Improper Control of Dynamically-Managed Code Resources
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 920
Name: Improper Restriction of Power Consumption
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 922
Name: Insecure Storage of Sensitive Information
Nature: HasMember
Mapping: Allowed
Type: Variant
ID: 98
Name: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
▼Vulnerability Mapping Notes
Usage:Prohibited
Reason:
Rationale:

This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves [REF-1330].

Comments:

See member weaknesses of this category.

▼Notes
▼Taxonomy Mappings
Taxonomy NameEntry IDFitEntry Name
▼References
Reference ID: REF-1330
Title: CVE --> CWE Mapping Guidance - Quick Tips
Version: v4.15
Author: MITRE
Publication:
Publisher:
Edition:
URL:https://cwe.mitre.org/documents/cwe_usage/quick_tips.html
URL Date:
Day:25
Month:03
Year:2021
Details not found