yew 0.18.0

This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate `yew`

Dependencies

(25 total, 9 outdated, 1 possibly insecure)

Crate	Required	Latest	Status
anyhow	`^1`	`1.0.98`	up to date
anymap	`^0.12`	`0.12.1`	up to date
bincode	`^1`	`2.0.1`	out of date
cfg-if	`^1.0`	`1.0.1`	up to date
cfg-match	`^0.2`	`0.2.1`	up to date
console_error_panic_hook	`^0.1`	`0.1.7`	up to date
gloo	`^0.2.1`	`0.11.0`	out of date
http	`^0.2`	`1.3.1`	out of date
indexmap	`^1.5`	`2.10.0`	out of date
js-sys	`^0.3`	`0.3.77`	up to date
log	`^0.4`	`0.4.27`	up to date
rmp-serde	`^0.15.0`	`1.3.0`	out of date
ryu	`^1.0.2`	`1.0.20`	up to date
serde	`^1.0`	`1.0.219`	up to date
serde_cbor	`^0.11.1`	`0.11.2`	up to date
serde_json	`^1.0`	`1.0.140`	up to date
serde_yaml ⚠️	`^0.8.3`	`0.9.34+deprecated`	out of date
slab	`^0.4`	`0.4.10`	up to date
stdweb	`^0.4.20`	`0.4.20`	up to date
thiserror	`^1`	`2.0.12`	out of date
toml	`^0.5`	`0.9.2`	out of date
wasm-bindgen	`^0.2.60`	`0.2.100`	up to date
wasm-bindgen-futures	`^0.4`	`0.4.50`	up to date
web-sys	`^0.3`	`0.3.77`	up to date
yew-macro	`^0.18.0`	`0.21.0`	out of date

Dev dependencies

(9 total, 4 outdated)

Crate	Required	Latest	Status
base64	`^0.13.0`	`0.22.1`	out of date
bincode	`^1`	`2.0.1`	out of date
easybench-wasm	`^0.2.1`	`0.2.1`	up to date
rmp-serde	`^0.15.0`	`1.3.0`	out of date
rustversion	`^1.0`	`1.0.21`	up to date
serde_derive	`^1`	`1.0.219`	up to date
ssri	`^6.0.0`	`9.2.0`	out of date
trybuild	`^1.0`	`1.0.106`	up to date
wasm-bindgen-test	`^0.3.4`	`0.3.50`	up to date

Security Vulnerabilities

`serde_yaml`: Uncontrolled recursion leads to abort in deserialization

RUSTSEC-2018-0005

Affected versions of this crate did not properly check for recursion while deserializing aliases.

This allows an attacker to make a YAML file with an alias referring to itself causing an abort.

The flaw was corrected by checking the recursion depth.