RUSTSEC-2021-0115

Source
https://rustsec.org/advisories/RUSTSEC-2021-0115
Import Source
https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2021-0115.json
JSON Data
https://api.osv.dev/v1/vulns/RUSTSEC-2021-0115
Aliases
Published
2021-09-24T12:00:00Z
Modified
2023-11-08T04:07:22.993048Z
Summary
`#[zeroize(drop)]` doesn't implement `Drop` for `enum`s
Details

Affected versions of this crate did not implement Drop when #[zeroize(drop)] was used on an enum.

This can result in memory not being zeroed out after dropping it, which is exactly what is intended when adding this attribute.

The flaw was corrected in version 1.2 and #[zeroize(drop)] on enums now properly implements Drop.

Database specific
{
    "license": "CC0-1.0"
}
References

Affected packages

crates.io / zeroize_derive

Package

Name
zeroize_derive
View open source insights on deps.dev
Purl
pkg:cargo/zeroize_derive

Affected ranges

Type
SEMVER
Events
Introduced
0.0.0-0
Fixed
1.1.1

Ecosystem specific

{
    "affected_functions": null,
    "affects": {
        "os": [],
        "functions": [],
        "arch": []
    }
}

Database specific

{
    "cvss": null,
    "informational": null,
    "categories": []
}