This vulnerability occurs when an application unintentionally exposes internal resources, like files, memory, or database connections, to unauthorized users or systems. Essentially, it's a type of resource leak where sensitive assets cross a security boundary.
At its core, this weakness is a failure of access control for non-data resources. It resembles information exposure (CWE-200), but the focus here is the unauthorized transfer of the resource *itself*, such as a file handle, a socket, or a memory block, into a context where an untrusted actor can use, modify, or exhaust it. This typically results from logic errors, incorrect cleanup routines, or flawed object lifecycle management, and it lets an attacker degrade availability or gain access the resource was never meant to grant. For developers, the primary risk is reduced stability and security through resource exhaustion (for example, denial of service) or privilege escalation. To prevent it, rigorously enforce the principle of least privilege for every resource handle, implement robust and audited cleanup paths (finally blocks, using statements, or RAII patterns), and verify that every resource transfer is explicitly authorized. Treat internal handles with the same caution as sensitive data.
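The handle-transfer pattern described above, as an added Python example that is not part of the original text: the leaky function returns the open, writable file object itself to its caller, while the hardened version releases the handle inside a `with` block and exports only the one authorized value. The config file and its contents are constructed here for the demonstration; the key names and the `allowed_keys` policy are assumptions.

```python
import os
import tempfile

# Constructed sample: a privileged config file owned by the service.
_tmpdir = tempfile.mkdtemp()
CONFIG_PATH = os.path.join(_tmpdir, "service.conf")
with open(CONFIG_PATH, "w") as _f:
    _f.write("listen_port=8443\napi_token=CONSTRUCTED-SECRET\n")


def leaky_get_setting(key):
    """Vulnerable: the open handle crosses the trust boundary.

    The caller asked for one value but receives a read/write handle to
    the whole file, which it can read further, modify, or simply never
    close (a resource leak).
    """
    fh = open(CONFIG_PATH, "r+")          # more privilege than needed
    for line in fh:
        k, _, v = line.rstrip("\n").partition("=")
        if k == key:
            return v, fh                   # handle escapes, never closed
    return None, fh


def safe_get_setting(key, allowed_keys=frozenset({"listen_port"})):
    """Hardened: authorize the transfer, return only data, close on exit."""
    if key not in allowed_keys:
        raise PermissionError(f"{key!r} is not an exported setting")
    with open(CONFIG_PATH, "r") as fh:     # read-only, closed by `with`
        for line in fh:
            k, _, v = line.rstrip("\n").partition("=")
            if k == key:
                return v
    return None


def handle_leak_report(key="listen_port"):
    """Return what an untrusted caller of the leaky API ends up holding."""
    value, fh = leaky_get_setting(key)
    report = {"value": value, "handle_open": not fh.closed,
              "handle_writable": fh.writable()}
    fh.close()                             # the caller must remember to do this
    return report
```

Running `handle_leak_report()` shows the caller holding an open, writable handle it never requested, whereas `safe_get_setting` leaves nothing behind and refuses keys outside the export policy.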
Impact: Read Application Data