CWE-826
Premature Release of Resource During Expected Lifetime
Description
The product releases a resource that is still intended to be used by itself or another actor.
Hierarchy (View 1000)
Parents
Children
none
CVEs mapped to this weakness (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-31115 | Hig | 0.50 | — | 0.01 | Apr 3, 2025 | XZ Utils provide a general-purpose data-compression library plus command-line tools. In XZ Utils 5.3.3alpha to 5.8.0, the multithreaded .xz decoder in liblzma has a bug where invalid input can at least result in a crash. The effects include heap use after free and writing to an… | ||
| CVE-2024-58249 | Low | 0.17 | 3.7 | 0.00 | Apr 16, 2025 | In wxWidgets before 3.2.7, a crash can be triggered in wxWidgets apps when connections are refused in wxWebRequestCURL. | ||
| CVE-2023-1297 | 0.00 | — | 0.01 | Jun 2, 2023 | Consul and Consul Enterprise's cluster peering implementation contained a flaw whereby a peer cluster with service of the same name as a local service could corrupt Consul state, resulting in denial of service. This vulnerability was resolved in Consul 1.14.5, and 1.15.3 |
- risk 0.50cvss —epss 0.01
XZ Utils provide a general-purpose data-compression library plus command-line tools. In XZ Utils 5.3.3alpha to 5.8.0, the multithreaded .xz decoder in liblzma has a bug where invalid input can at least result in a crash. The effects include heap use after free and writing to an…
- risk 0.17cvss 3.7epss 0.00
In wxWidgets before 3.2.7, a crash can be triggered in wxWidgets apps when connections are refused in wxWebRequestCURL.
- CVE-2023-1297Jun 2, 2023risk 0.00cvss —epss 0.01
Consul and Consul Enterprise's cluster peering implementation contained a flaw whereby a peer cluster with service of the same name as a local service could corrupt Consul state, resulting in denial of service. This vulnerability was resolved in Consul 1.14.5, and 1.15.3