Is github.com/openziti/zrok safe to use?

github.com/openziti/zrok has 3 known vulnerabilities on the latest version (v1.1.11). DepScope rates its health at 62/100 (moderate risk).

What is the latest version of github.com/openziti/zrok?

The latest version of github.com/openziti/zrok is v1.1.11, released 2026-02-03.

Yes. github.com/openziti/zrok has 3 known vulnerabilities. See depscope.dev/pkg/go/github.com/openziti/zrok for details.

No, github.com/openziti/zrok is actively maintained. Latest release: v1.1.11 (2026-02-03).

DepScope has no curated alternatives for github.com/openziti/zrok at this time.

github.com/openziti/zrok is licensed under Apache-2.0.

govv1.1.11

Secure internet sharing made simple.

License Apache-2.0permissive124 versions36 maintainers0 deps4,370 weekly dl

/ 100

Health

update required

github.com/openziti/[email protected] has vulnerabilities — update to latest

Update to >= 2.0.1 to fix known vulnerabilities

Health breakdown0 – 100

20/25

maintenance

6/20

popularity

16/25

security

15/15

maturity

5/15

community

Vulnerabilities

1 high2 medium

Advisories (3)

Severity	ID	Summary	Fixed in
medium	CVE-2026-40304	zrok: Broken ownership check in DELETE /api/v2/unaccess allows non-admin to delete global frontend records	2.0.1
medium	CVE-2026-40302	zrok: Reflected XSS in GitHub OAuth callback via unsanitized refreshInterval error rendering	2.0.1
high	CVE-2026-40303	zrok: Unauthenticated DoS via unbounded memory allocation in striped session cookie parsing	2.0.1

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/go/github.com/openziti/zrok

Last updated · 2026-02-03T16:51:36Z