CWE-226
Sensitive Information in Resource Not Removed Before Reuse
The product releases a resource such as memory or a file so that it can be made available for reuse, but it does not clear or zeroize the information contained in the resource before the product performs a critical state transition or makes the resource available for reuse by other entities.
Official CWE-226 definition at MITREImpactr finds and proves weaknesses like CWE-226 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist