ClassDraft

CWE-402Transmission of Private Resources into a New Sphere ('Resource Leak')

Category: data-exposure

Description

The product makes resources available to untrusted parties when those resources are only intended to be accessed by the product.

Common consequences· 1

  • Confidentiality — Read Application Data

References

  1. https://cwe.mitre.org/data/definitions/402.html

(incoming)3

TypeTargetConfidenceTier
VulnerabilityCVE-2025-0502cve-2025-05020%live
VulnerabilityCVE-2025-32360cve-2025-323600%live
VulnerabilityCVE-2025-48383cve-2025-483830%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Exposure of Resource to Wrong Sphere
CWE
Improper Control of Resource Identifiers ('Resource Injection')
CWE
Exposure of Sensitive Information to an Unauthorized Actor
CWE
Creation of Emergent Resource
CWE
Exposure of Sensitive System Information to an Unauthorized Control Sphere
CWE
Incorrect Ownership Assignment
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.