software composition analysis
Product
SAST
Catch vulnerabilities as you develop DAST
Test live web applications like an attacker SCA
Secure open-source and supply chain MAST
Secure mobile apps from code to store Compliance
Align with standards while shipping secure code
Resources
Vulnerability database Healthy Package
Blog News
Documentation
Pricing Partners About Us Log In
software composition analysis

Objective-C : Cleartext storage of sensitive information on disk

Classification

OWASP Top 10 2021 A4-Insecure Design CWE CWE-316

Overview

Sensitive information can be saved on disk, saved in a kernel dump, or left uncleaned. The application may crash or the developer may forget to clear the memory correctly, which will lead to disastrous consequences.

References

  1. CWE-316: Cleartext Storage of Sensitive Information in Memory

See also

Objective-C : Cookie: transmission not over SSL
Objective-C : Pointer incompatible with malloc call
Objective-C : Cookie: broad path