CWE-244
Improper Clearing of Heap Memory Before Release ('Heap Inspection')
Using realloc() to resize buffers that store sensitive information can leave the sensitive information exposed to attack, because it is not removed from memory.
Official CWE-244 definition at MITREImpactr finds and proves weaknesses like CWE-244 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist