Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CWE CATEGORY:Resource Management Errors
Category ID:399
Vulnerability Mapping:Prohibited
Status:Draft
DetailsContent HistoryObserved CVE ExamplesReports
▼Summary

Weaknesses in this category are related to improper management of system resources.

▼Membership
NatureMappingTypeIDName
MemberOfProhibitedV699Software Development
HasMemberAllowedB1188Initialization of a Resource with an Insecure Default
HasMemberAllowedB1341Multiple Releases of Same Resource or Handle
HasMemberAllowedB403Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak')
HasMemberAllowedC410Insufficient Resource Pool
HasMemberAllowedB470Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
HasMemberAllowedB502Deserialization of Untrusted Data
HasMemberAllowedB619Dangling Database Cursor ('Cursor Injection')
HasMemberAllowedB641Improper Restriction of Names for Files and Other Resources
HasMemberAllowedB694Use of Multiple Resources with Duplicate Identifier
HasMemberAllowedB73External Control of File Name or Path
HasMemberAllowedB763Release of Invalid Pointer or Reference
HasMemberAllowedB770Allocation of Resources Without Limits or Throttling
HasMemberAllowedB771Missing Reference to Active Allocated Resource
HasMemberAllowedB772Missing Release of Resource after Effective Lifetime
HasMemberAllowedB826Premature Release of Resource During Expected Lifetime
HasMemberAllowedB908Use of Uninitialized Resource
HasMemberAllowed-with-ReviewC909Missing Initialization of Resource
HasMemberAllowedB910Use of Expired File Descriptor
HasMemberAllowedB911Improper Update of Reference Count
HasMemberAllowedB914Improper Control of Dynamically-Identified Variables
HasMemberAllowedB915Improperly Controlled Modification of Dynamically-Determined Object Attributes
HasMemberAllowedB920Improper Restriction of Power Consumption
Nature: MemberOf
Mapping: Prohibited
Type: View
ID: 699
Name: Software Development
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1188
Name: Initialization of a Resource with an Insecure Default
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 1341
Name: Multiple Releases of Same Resource or Handle
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 403
Name: Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak')
Nature: HasMember
Mapping: Allowed
Type: Class
ID: 410
Name: Insufficient Resource Pool
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 470
Name: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 502
Name: Deserialization of Untrusted Data
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 619
Name: Dangling Database Cursor ('Cursor Injection')
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 641
Name: Improper Restriction of Names for Files and Other Resources
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 694
Name: Use of Multiple Resources with Duplicate Identifier
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 73
Name: External Control of File Name or Path
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 763
Name: Release of Invalid Pointer or Reference
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 770
Name: Allocation of Resources Without Limits or Throttling
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 771
Name: Missing Reference to Active Allocated Resource
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 772
Name: Missing Release of Resource after Effective Lifetime
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 826
Name: Premature Release of Resource During Expected Lifetime
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 908
Name: Use of Uninitialized Resource
Nature: HasMember
Mapping: Allowed-with-Review
Type: Class
ID: 909
Name: Missing Initialization of Resource
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 910
Name: Use of Expired File Descriptor
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 911
Name: Improper Update of Reference Count
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 914
Name: Improper Control of Dynamically-Identified Variables
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 915
Name: Improperly Controlled Modification of Dynamically-Determined Object Attributes
Nature: HasMember
Mapping: Allowed
Type: Base
ID: 920
Name: Improper Restriction of Power Consumption
▼Vulnerability Mapping Notes
Usage:Prohibited
Reason:
Rationale:

This entry is a Category. Using categories for mapping has been discouraged since 2019. Categories are informal organizational groupings of weaknesses that can help CWE users with data aggregation, navigation, and browsing. However, they are not weaknesses in themselves [REF-1287]. This CWE ID may have become widely-used because of NIST's usage in NVD from 2008 to 2016 (see CWE-635 view, updated to the CWE-1003 view in 2016).

Comments:

Some weakness-oriented alternatives might be found as descendants under Uncontrolled Resource Consumption (CWE-400).

▼Notes
▼Taxonomy Mappings
Taxonomy NameEntry IDFitEntry Name
PLOVERN/AN/AResource Management Errors
Taxonomy Name: PLOVER
Entry ID: N/A
Fit: N/A
Entry Name: Resource Management Errors
▼References
Reference ID: REF-1287
Title: Supplemental Details - 2022 CWE Top 25
Version: v4.15
Author: MITRE
Publication:
Publisher:
Edition:
URL:https://cwe.mitre.org/top25/archive/2022/2022_cwe_top25_supplemental.html#problematicMappingDetails
URL Date:
Day:28
Month:06
Year:2022
Details not found