CWE-772 Missing Release of Resource after Effective Lifetime: vulnerability list (51)

Summary of the 51 CVEs for weakness class CWE-772 (Missing Release of Resource after Effective Lifetime), with AI-generated analysis in Chinese.

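CWE-772 is a resource-management flaw: the program does not properly release a resource once it is no longer needed. Attackers commonly exhaust system memory or handles by repeatedly creating resources, causing denial of service or a system crash. Developers should make sure cleanup runs when a resource's lifetime ends, using RAII or explicit calls to release functions, and should strengthen code review to prevent resource leaks and keep the system stable.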

MITRE CWE official description
CWE: CWE-772 Missing Release of Resource after Effective Lifetime
Description: The product does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.
Common consequences (1)
Availability: DoS: Resource Consumption (Other), DoS: Resource Consumption (Memory), DoS: Resource Consumption (CPU)
An attacker that can influence the allocation of resources that are not properly released could deplete the available resource pool and prevent all other processes from accessing the same type of resource. Frequently-affected resources include memory, CPU, disk space, power or battery, etc.
Mitigations (3)
Requirements: Use a language that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid. For example, languages such as Java, Ruby, and Lisp perform automatic garbage collection that releases memory for objects that have been deallocated.
Implementation: It is good practice to be responsible for freeing all resources you allocate and to be consistent with how and where you free resources in a function. If you allocate resources that you intend to free upon completion of the function, you must be sure to free the resources at all exit points for that function including error conditions.
Operation, Architecture and Design: Use resource-limiting settings provided by the operating system or environment. For example, when managing system resources in POSIX, setrlimit() can be used to set limits for certain types of resources, and getrlimit() can determine how many resources are available. However, these functions are not available on all operating systems. When the current levels get close to the maximum that is define…
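The Implementation and Operation mitigations above, shown together in C as an added example (not MITRE's code and not from this page): a parser that leaks on its error path next to one that releases on every exit, each run in a child process whose descriptor limit is lowered with setrlimit(). The names `parse_leaky`, `parse_fixed` and `count_opens`, the 4-byte header and the limit of 32 are assumptions made for the illustration.

```c
/* Added example, not from the page. Constructed input: /dev/null is too
   short for the 4-byte header, so every call takes the error path. */
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>
enum { E_OPEN = -2, E_FORMAT = -1 };
/* Weak: the early return on a short read leaks both fd and buf. */
static int parse_leaky(const char *path) {
    int fd = open(path, O_RDONLY);
    if (fd < 0) return E_OPEN;
    char *buf = malloc(4);
    if (buf == NULL || read(fd, buf, 4) != 4) return E_FORMAT;
    free(buf);
    close(fd);
    return 0;
}
/* Hardened: success and error share one release path. */
static int parse_fixed(const char *path) {
    int fd = open(path, O_RDONLY);
    if (fd < 0) return E_OPEN;               /* nothing acquired yet */
    char *buf = malloc(4);
    int rc = (buf != NULL && read(fd, buf, 4) == 4) ? 0 : E_FORMAT;
    free(buf);                               /* free(NULL) is a no-op */
    close(fd);
    return rc;
}
/* Child capped at nofile descriptors; returns how many of calls (<= 255) opened the file. */
static int count_opens(int (*parse)(const char *), int nofile, int calls) {
    struct rlimit rl;
    int status = 0, ok = 0;
    pid_t pid = fork();
    if (pid == 0) {
        if (getrlimit(RLIMIT_NOFILE, &rl) != 0) _exit(0);
        rl.rlim_cur = (rlim_t)nofile;        /* lower the soft limit only */
        if (setrlimit(RLIMIT_NOFILE, &rl) != 0) _exit(0);
        for (int i = 0; i < calls; i++)
            if (parse("/dev/null") != E_OPEN) ok++;
        _exit(ok);
    }
    if (pid < 0 || waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return -1;
    return WEXITSTATUS(status);
}
int main(void) {
    printf("fixed %d/100, leaky %d/100\n",
           count_opens(parse_fixed, 32, 100), count_opens(parse_leaky, 32, 100));
    return 0;
}
```

The low limit turns a slow leak into an immediate, countable failure, which makes it usable as a regression check for error-path cleanup.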
Code examples (2)
The following method never closes the new file handle. Given enough time, the finalize() method for BufferedReader should eventually call close(), but there is no guarantee as to how long this action will take. In fact, there is no guarantee that finalize() will ever be invoked. In a busy environment, the Operating System could use up all of the available file handles before the close() function is …

    import java.io.BufferedReader;
    import java.io.FileReader;
    import java.io.IOException;

    private void processFile(String fName) throws IOException {
        BufferedReader fil = new BufferedReader(new FileReader(fName));
        String line;
        while ((line = fil.readLine()) != null) {
            processLine(line);
        }
        // fil is never closed, so the file handle stays allocated
    }

Bad · Java

    private void processFile(String fName) throws IOException {
        BufferedReader fil = new BufferedReader(new FileReader(fName));
        String line;
        while ((line = fil.readLine()) != null) {
            processLine(line);
        }
        // Release the file handle once the last line has been processed
        fil.close();
    }

Good · Java
The following code attempts to open a new connection to a database, process the results returned by the database, and close the allocated SqlConnection object.

    using System.Data.SqlClient;

    SqlConnection conn = new SqlConnection(connString);
    SqlCommand cmd = new SqlCommand(queryString);
    cmd.Connection = conn;
    conn.Open();
    SqlDataReader rdr = cmd.ExecuteReader();
    HarvestResults(rdr);
    // Reached only when nothing above throws; an exception leaves the connection open
    conn.Close();

Bad · C#

| CVE ID | Title | Product | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2026-3104 | ISC BIND 9 security vulnerability | BIND 9 | 7.5 | High | 2026-03-25 |
| CVE-2026-2261 | FreeBSD security vulnerability | FreeBSD | 7.5 (AI) | High (AI) | 2026-03-09 |
| CVE-2026-20082 | Cisco Secure Firewall Adaptive Security Appliance security vulnerability | Cisco Secure Firewall Adaptive Security Appliance (ASA) Software | 8.6 | High | 2026-03-04 |
| CVE-2026-2359 | Multer security vulnerability | multer | 7.5 | - | 2026-02-27 |
| CVE-2025-14969 | Hibernate Reactive security vulnerability | Red Hat build of Quarkus 3.27.2 | 4.3 | Medium | 2026-01-26 |
| CVE-2026-21874 | NiceGUI security vulnerability | nicegui | 5.3 | Medium | 2026-01-08 |
| CVE-2025-64734 | Gallagher T-Series Reader security vulnerability | T21 Reader | 2.4 | Low | 2025-11-18 |
| CVE-2025-54983 | Zscaler Client Connector security vulnerability | Zscaler Client Connector | 5.2 | Medium | 2025-11-12 |
| CVE-2025-62723 | FlashMQ security vulnerability | FlashMQ | 4.3 | Medium | 2025-10-24 |
| CVE-2025-36128 | IBM MQ security vulnerability | MQ | 7.5 | High | 2025-10-16 |
| CVE-2025-61670 | Wasmtime security vulnerability | wasmtime | 7.5 (AI) | High (AI) | 2025-10-07 |
| CVE-2025-30256 | Tenda AC6 security vulnerability | AC6 V5.0 | 8.6 | High | 2025-08-20 |
| CVE-2023-32255 | Linux kernel security vulnerability | | 5.3 | Medium | 2025-08-02 |
| CVE-2025-36071 | IBM Db2 security vulnerability | IBM Db2 | 6.5 | Medium | 2025-07-29 |
| CVE-2025-44003 | Gallagher T-Series Reader security vulnerability | T-Series Readers | 4.3 | Medium | 2025-07-10 |
| CVE-2025-3864 | Hackney security vulnerability | hackney | 4.3 (AI) | Medium (AI) | 2025-05-28 |
| CVE-2025-22891 | F5 BIG-IP PEM security vulnerability | BIG-IP | 7.5 | High | 2025-02-05 |
| CVE-2024-52303 | aiohttp security vulnerability | aiohttp | 5.9 | - | 2024-11-18 |
| CVE-2024-10396 | OpenAFS security vulnerability | OpenAFS | 6.5 | Medium | 2024-11-14 |
| CVE-2024-49769 | Waitress security vulnerability | waitress | 7.5 | High | 2024-10-29 |
| CVE-2024-20493 | Cisco Firepower Threat Defense and Cisco Adaptive Security Appliance security vulnerability | Cisco Adaptive Security Appliance (ASA) Software | 5.3 | Medium | 2024-10-23 |
| CVE-2024-20481 | Cisco Firepower Threat Defense and Cisco Adaptive Security Appliance security vulnerability | Cisco Adaptive Security Appliance (ASA) Software | 5.8 | Medium | 2024-10-23 |
| CVE-2024-41888 | Apache Answer security vulnerability | Apache Answer | 7.5 (AI) | High (AI) | 2024-08-09 |
| CVE-2024-41890 | Apache Answer security vulnerability | Apache Answer | 7.5 (AI) | High (AI) | 2024-08-09 |
| CVE-2024-39562 | Juniper Networks Junos OS Evolved security vulnerability | Junos OS Evolved | 7.5 | High | 2024-07-10 |
| CVE-2024-28882 | OpenVPN security vulnerability | OpenVPN | - | - (AI) | 2024-07-08 |
| CVE-2024-1300 | Eclipse Vert.x security vulnerability | | 5.4 | Medium | 2024-04-02 |
| CVE-2024-22383 | Gallagher Controller 7000 security vulnerability | Controller 7000 | 6.2 | Medium | 2024-03-05 |
| CVE-2024-21789 | F5 BIG-IP security vulnerability | BIG-IP | 7.5 | High | 2024-02-14 |
| CVE-2023-31274 | AVEVA PI Server security vulnerability | PI Server | 5.3 | Medium | 2024-01-18 |

CWE-772 (Missing Release of Resource after Effective Lifetime) is a common weakness category; this platform lists 51 CVEs associated with it.