Please report found vulnerabilities privately at https://github.com/jonasbb/serde_with/security. GitHub provides details for submitting vulnerabilities using their system and has advice about writing a good advisory.

Provide as much information as possible while reporting, ideally including a proof-of-concept exploit.