This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.
(29 total, 2 outdated, 1 possibly insecure)
(6 total, all up-to-date)
(1 total, all up-to-date)
|up to date|
serde_yaml: Uncontrolled recursion leads to abort in deserialization
Affected versions of this crate did not properly check for recursion
while deserializing aliases.
This allows an attacker to make a YAML file with an alias referring
to itself causing an abort.
The flaw was corrected by checking the recursion depth.