Is github.com/k3s-io/k3s safe to use?

github.com/k3s-io/k3s has 2 known vulnerabilities on the latest version (v1.0.1). DepScope rates its health at 50/100 (high risk).

What is the latest version of github.com/k3s-io/k3s?

The latest version of github.com/k3s-io/k3s is v1.0.1, released 2019-12-18.

Does github.com/k3s-io/k3s have known vulnerabilities?

Yes. github.com/k3s-io/k3s has 2 known vulnerabilities. See depscope.dev/pkg/go/github.com/k3s-io/k3s for details.

Is github.com/k3s-io/k3s deprecated?

No, github.com/k3s-io/k3s is actively maintained. Latest release: v1.0.1 (2019-12-18).

What are alternatives to github.com/k3s-io/k3s?

DepScope has no curated alternatives for github.com/k3s-io/k3s at this time.

What license does github.com/k3s-io/k3s use?

License information for github.com/k3s-io/k3s is not declared in the registry metadata.

github.com/k3s-io/k3s

govv1.0.1

Lightweight Kubernetes

129 versions311 maintainers0 deps32,876 weekly dl

k3s-io/k3s

/ 100

Health

update required

github.com/k3s-io/[email protected] has vulnerabilities — update to latest

Update to >= 1.28.1 to fix known vulnerabilities

1 high severity vulnerabilities

Health breakdown0 – 100

0/25

maintenance

10/20

popularity

20/25

security

15/15

maturity

5/15

community

Vulnerabilities

1 high1 low

Advisories (2)

Severity	ID	Summary	Fixed in
high	CVE-2023-32187	K3s apiserver port is vulnerable to unauthenticated remote denial-of-service (DoS) attack via TLS SAN stuffing attack	1.28.1
unknown	CVE-2025-46599	CNCF K3s Kubernetes kubelet configuration exposes credentials in github.com/k3s-io/k3s	—

Health History

Dependency Tree

License Audit

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/go/github.com/k3s-io/k3s

Last updated · 2019-12-18T05:54:31Z