This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate serde-generate

Dependencies

(11 total, 4 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 bcs^0.1.10.1.6up to date
 bincode^1.3.11.3.3up to date
 heck^0.3.10.5.0out of date
 include_dir^0.60.7.3out of date
 maplit^1.0.21.0.2up to date
 serde^1.0.1161.0.197up to date
 serde-reflection^0.3.00.3.6up to date
 serde_bytes^0.11.30.11.14up to date
 serde_yaml ⚠️^0.80.9.34+deprecatedout of date
 structopt^0.3.120.3.26up to date
 textwrap^0.12.10.16.1out of date

Dev dependencies

(4 total, 1 outdated)

CrateRequiredLatestStatus
 hex^0.4.20.4.3up to date
 lazy_static^11.4.0up to date
 tempfile^3.13.10.1up to date
 which^4.0.26.0.1out of date

Security Vulnerabilities

serde_yaml: Uncontrolled recursion leads to abort in deserialization

RUSTSEC-2018-0005

Affected versions of this crate did not properly check for recursion while deserializing aliases.

This allows an attacker to make a YAML file with an alias referring to itself causing an abort.

The flaw was corrected by checking the recursion depth.