CWE-244
Improper Clearing of Heap Memory Before Release ('Heap Inspection')
Using realloc() to resize buffers that store sensitive information can leave the sensitive information exposed to attack, because it is not removed from memory.
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.