CWE · MITRE source
CWE-772Missing Release of Resource after Effective Lifetime
The product does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.
Last updated: 20 May 2026 08:06 UTC
NIST 800-53 r5 controls that address this weakness (1)AI
| Control | Title | Family | Why it addresses this CWE |
|---|---|---|---|
SC-10 | Network Disconnect | SC | Ensures network resources are released once the session ends or becomes inactive, closing the window for missing-release weaknesses. |
Top CVEs of this weakness type, ranked by Risk Priority
| CVE | Risk | CVSS | EPSS | Published |
|---|---|---|---|---|
CVE-2021-22883 | 6.9 | 7.5 | 0.8943 | 2021-03-03 |
CVE-2003-0132 | 5.1 | 0.0 | 0.8500 | 2003-04-11 |
CVE-2017-14495 | 4.7 | 7.5 | 0.5332 | 2017-10-03 |
CVE-2024-20481 KEV | 3.8 | 5.8 | 0.1112 | 2024-10-23 |
CVE-1999-1127 | 3.3 | 7.5 | 0.3003 | 1999-12-31 |
CVE-2020-9375 | 3.2 | 7.5 | 0.2804 | 2020-03-25 |
CVE-2017-5507 UPD | 2.2 | 7.5 | 0.1140 | 2017-03-24 |
CVE-2015-7701 UPD | 2.2 | 7.5 | 0.1241 | 2017-08-07 |
CVE-2001-0830 | 2.0 | 7.5 | 0.0896 | 2001-12-06 |
CVE-2007-0897 UPD | 2.0 | 7.5 | 0.0788 | 2007-02-16 |
CVE-2017-11641 UPD | 2.0 | 9.8 | 0.0045 | 2017-07-26 |
CVE-2017-14138 UPD | 2.0 | 9.8 | 0.0022 | 2017-09-04 |
CVE-2017-15032 | 2.0 | 9.8 | 0.0032 | 2017-10-05 |
CVE-2020-12134 | 2.0 | 9.8 | 0.0052 | 2020-04-24 |
CVE-2020-35876 | 2.0 | 9.8 | 0.0051 | 2020-12-31 |
CVE-2023-41094 | 2.0 | 10.0 | 0.0008 | 2023-10-04 |
CVE-2018-19132 | 1.9 | 5.9 | 0.1135 | 2018-11-09 |
CVE-2008-2122 UPD | 1.8 | 7.5 | 0.0473 | 2008-05-09 |
CVE-2017-11170 UPD | 1.8 | 8.8 | 0.0035 | 2017-07-11 |
CVE-2017-11310 UPD | 1.8 | 8.8 | 0.0039 | 2017-07-13 |
CVE-2017-12641 UPD | 1.8 | 8.8 | 0.0024 | 2017-08-07 |
CVE-2017-12642 UPD | 1.8 | 8.8 | 0.0035 | 2017-08-07 |
CVE-2017-12644 UPD | 1.8 | 8.8 | 0.0056 | 2017-08-07 |
CVE-2017-12662 UPD | 1.8 | 8.8 | 0.0022 | 2017-08-07 |
CVE-2017-12663 UPD | 1.8 | 8.8 | 0.0021 | 2017-08-07 |