A program may leak resources when it relies on finalize() to release system resources or when there is confusion over which part of the program is responsible for releasing system resources. In a busy system, the delay before the finalize() method is called for an object provides a window of vulnerability during which an attacker could induce a denial-of-service attack. See the guideline MET18-J. Avoid using Do not use finalizers for additional reasons to avoid the use of finalizers.
...