Open tsunez opened 3 years ago
Issue still exists.
Issue has 2 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)
Issue still exists.
Issue has 2 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)
Unscrubbed_Secret issue exists @ iGoat-Swift/iGoat-Swift/Source/Exercises/Key Management/Hard Coded Keys/BrokenCryptographyExerciseVC.swift in branch master
Method UITextField! at line 11 of iGoat-Swift\iGoat-Swift\Source\Exercises\Key Management\Hard Coded Keys\BrokenCryptographyExerciseVC.swift defines passwordTextField, which is designated to contain user passwords. However, while plaintext passwords are later assigned to passwordTextField, this variable is never cleared from memory.
Severity: Low
CWE:226
Vulnerability details and guidance
Checkmarx
Recommended Fix
Lines: [32](https://github.com/Custodela/iGoat-Swift/blob/master/iGoat-Swift/iGoat-Swift/Source/Exercises/Key Management/Hard Coded Keys/BrokenCryptographyExerciseVC.swift#L32) [11](https://github.com/Custodela/iGoat-Swift/blob/master/iGoat-Swift/iGoat-Swift/Source/Exercises/Key Management/Hard Coded Keys/BrokenCryptographyExerciseVC.swift#L11)
[Code (Line #32):](https://github.com/Custodela/iGoat-Swift/blob/master/iGoat-Swift/iGoat-Swift/Source/Exercises/Key Management/Hard Coded Keys/BrokenCryptographyExerciseVC.swift#L32)
[Code (Line #11):](https://github.com/Custodela/iGoat-Swift/blob/master/iGoat-Swift/iGoat-Swift/Source/Exercises/Key Management/Hard Coded Keys/BrokenCryptographyExerciseVC.swift#L11)