PT-2021-24280 · Unknown · Zeroize Derive

Published: 2021-09-24 · Updated: 2022-06-22 · CVE-2021-45706

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: zeroize derive crate, versions prior to 1.2
Description: An issue was discovered where memory is not zeroed out on drop for an enum annotated with the #[zeroize(drop)] attribute. The derive generated the zeroization code but no Drop implementation for enums, so the secret contents of a dropped enum value remained in memory, contrary to the intended behavior. The flaw was corrected in version 1.2, where #[zeroize(drop)] on enums now properly implements the Drop trait.
Recommendations: For versions prior to 1.2, update to version 1.2 or later so that the #[zeroize(drop)] attribute properly implements the Drop trait for enums and dropped memory is zeroed out as intended.
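As an added illustration (not code from the zeroize crate or from this advisory), the manual equivalent of what #[zeroize(drop)] on an enum has to produce: a Zeroize impl that clears every variant's fields, plus the Drop impl that versions before 1.2 left out. The `Zeroize` trait below is a minimal stand-in for the real crate's trait, and `Credential` is a constructed example type.

```rust
use std::ptr;
use std::sync::atomic::{compiler_fence, Ordering};

/// Minimal stand-in for the zeroize crate's trait (hypothetical, not the real crate).
pub trait Zeroize {
    fn zeroize(&mut self);
}
impl Zeroize for [u8] {
    fn zeroize(&mut self) {
        for b in self.iter_mut() {
            // SAFETY: `b` is a valid, aligned, exclusively borrowed u8.
            unsafe { ptr::write_volatile(b, 0) };
        }
        compiler_fence(Ordering::SeqCst); // keep the volatile stores from being elided
    }
}
/// Constructed secret type with the shape the derive mishandled: an enum.
pub enum Credential {
    Password(Vec<u8>),
    Token { id: u32, secret: [u8; 4] },
}
impl Zeroize for Credential {
    fn zeroize(&mut self) {
        match self {
            Credential::Password(p) => p[..].zeroize(),
            Credential::Token { id, secret } => {
                // SAFETY: `id` is a valid, exclusively borrowed u32.
                unsafe { ptr::write_volatile(id, 0) };
                secret[..].zeroize();
            }
        }
    }
}

/// The impl that zeroize_derive < 1.2 silently omitted for enums; without it a
/// `Credential` going out of scope is freed with its secret bytes intact.
impl Drop for Credential {
    fn drop(&mut self) { self.zeroize(); }
}
impl Credential {
    pub fn is_zeroed(&self) -> bool {
        match self {
            Credential::Password(p) => p.iter().all(|&b| b == 0),
            Credential::Token { id, secret } => *id == 0 && secret.iter().all(|&b| b == 0),
        }
    }
}
/// Compile-time check that the type carries a Drop impl, the piece that was missing.
#[allow(drop_bounds)]
pub fn assert_zeroizes_on_drop<T: Drop + Zeroize>() {}
```

The `is_zeroed` helper only inspects a live value after an explicit `zeroize()` call; reading memory after the real drop would be undefined behaviour, which is why the Drop impl is checked as a trait bound instead.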

Fix


Weakness Enumeration

Related Identifiers

CVE-2021-45706
GHSA-C5HX-W945-J4PQ
RUSTSEC-2021-0115

Affected Products

Zeroize Derive