{"id":"GHSA-r45x-ghr2-qjxc","summary":"Duplicate Advisory: `#[zeroize(drop)]` doesn't implement `Drop` for `enum`s","details":"## Duplicate Advisory\nThis advisory is a duplicate of [GHSA-c5hx-w945-j4pq](https://github.com/advisories/GHSA-c5hx-w945-j4pq). This link is preserved to maintain external references.\n\n## Original Description\nAffected versions of this crate did not implement `Drop` when `#[zeroize(drop)]` was used on an `enum`.\n\nThis can result in memory not being zeroed out after dropping it, which is exactly what is intended when adding this attribute.\n\nThe flaw was corrected in version 1.2 and `#[zeroize(drop)]` on `enum`s now properly implements `Drop`.\n","modified":"2022-06-23T17:29:03Z","published":"2022-06-17T00:30:52Z","withdrawn":"2022-06-23T17:29:03Z","database_specific":{"nvd_published_at":null,"github_reviewed_at":"2022-06-17T00:30:52Z","cwe_ids":["CWE-226"],"github_reviewed":true,"severity":"HIGH"},"references":[{"type":"WEB","url":"https://github.com/iqlusioninc/crates/issues/876"},{"type":"PACKAGE","url":"https://github.com/iqlusioninc/crates"},{"type":"WEB","url":"https://rustsec.org/advisories/RUSTSEC-2021-0115.html"}],"affected":[{"package":{"name":"zeroize_derive","ecosystem":"crates.io","purl":"pkg:cargo/zeroize_derive"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.1.1"}]}],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/06/GHSA-r45x-ghr2-qjxc/GHSA-r45x-ghr2-qjxc.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}