Objective-C : Cleartext storage of sensitive information on disk

Classification

OWASP Top 10 2021: A4-Insecure Design
CWE: CWE-316

Overview

Sensitive information kept in memory in cleartext can be written to disk, captured in a kernel dump, or left in memory uncleared. This happens when the application crashes or the developer forgets to clear the memory correctly, and it will lead to disastrous consequences.
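One way to address the three cases above, as an added example that is not part of the original page: plain C, which also compiles unchanged inside an Objective-C source file. The helper names `secret_wipe`, `disable_core_dumps` and `with_secret` are hypothetical, and the secret value is a constructed sample.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/resource.h>

/* Zero a buffer through a volatile pointer so the compiler cannot drop
 * the stores as "dead" when the buffer is freed right afterwards. */
static void secret_wipe(void *buf, size_t len) {
    volatile unsigned char *p = (volatile unsigned char *)buf;
    while (len--) *p++ = 0;
}

/* Stop the process from writing a core file that would contain secrets. */
static int disable_core_dumps(void) {
    struct rlimit rl = { 0, 0 };
    return setrlimit(RLIMIT_CORE, &rl);
}

/* Hypothetical helper: hold a secret only for the duration of one call.
 * Returns the number of non-zero bytes left after wiping (0 = clean),
 * or -1 on allocation failure. */
static int with_secret(const char *secret, size_t len,
                       void (*use)(const unsigned char *, size_t)) {
    unsigned char *buf = malloc(len);
    if (buf == NULL) return -1;
    /* Best effort: keep the pages out of swap. mlock can fail when
     * RLIMIT_MEMLOCK is low; the buffer is still wiped in that case. */
    int locked = (mlock(buf, len) == 0);
    memcpy(buf, secret, len);
    if (use) use(buf, len);
    secret_wipe(buf, len);              /* clear before releasing the memory */
    int leftover = 0;
    for (size_t i = 0; i < len; i++) leftover += (buf[i] != 0);
    if (locked) munlock(buf, len);
    free(buf);
    return leftover;
}

int main(void) {
    /* Constructed sample; a real secret would not be a literal in the binary. */
    const char pin[] = "constructed-sample-pin";
    if (disable_core_dumps() != 0) return 2;
    return with_secret(pin, sizeof pin, NULL) == 0 ? 0 : 1;
}
```

The wipe only covers the copy held in `buf`; any other copy of the secret (the caller's buffer, an `NSString` made from it) needs the same treatment.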

References

  1. CWE-316: Cleartext Storage of Sensitive Information in Memory