ClassDraft

CWE-672Operation on a Resource after Expiration or Release

Category: logic

Description

The product uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked.

Common consequences· 2

  • Integrity / Confidentiality — Modify Application Data, Read Application Data
    If a released resource is subsequently reused or reallocated, then an attempt to use the original resource might allow access to sensitive data that is associated with a different user or entity.
  • Other / Availability — Other, DoS: Crash, Exit, or Restart
    When a resource is released it might not be in an expected state, later attempts to access the resource may lead to resultant errors that may lead to a crash.

References

  1. https://cwe.mitre.org/data/definitions/672.html

(incoming)2

TypeTargetConfidenceTier
VulnerabilityCVE-2026-33278cve-2026-332780%live
VulnerabilityCVE-2026-43585cve-2026-435850%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Improper Resource Shutdown or Release
CWE
Improper Control of a Resource Through its Lifetime
CWE
Missing Release of Resource after Effective Lifetime
CWE
Exposure of Resource to Wrong Sphere
CWE
Improper Ownership Management
CWE
Incorrect Ownership Assignment
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.