Is gopkg.in/yaml.v3 safe to use?

gopkg.in/yaml.v3 has 1 known vulnerabilities on the latest version (v3.0.1). DepScope rates its health at 0/100 (unknown risk).

What is the latest version of gopkg.in/yaml.v3?

The latest version of gopkg.in/yaml.v3 is v3.0.1, released 2022-05-27.

Does gopkg.in/yaml.v3 have known vulnerabilities?

Yes. gopkg.in/yaml.v3 has 1 known vulnerabilities. See depscope.dev/pkg/go/gopkg.in/yaml.v3 for details.

Is gopkg.in/yaml.v3 deprecated?

No, gopkg.in/yaml.v3 is actively maintained. Latest release: v3.0.1 (2022-05-27).

What are alternatives to gopkg.in/yaml.v3?

DepScope has no curated alternatives for gopkg.in/yaml.v3 at this time.

What license does gopkg.in/yaml.v3 use?

gopkg.in/yaml.v3 is licensed under MIT.

gopkg.in/yaml.v3

govv3.0.1

License MITpermissive2 versions0 deps

/ 100

Health

insufficient data

gopkg.in/yaml.v3 has limited data (2/6 signals) — verify manually before use

Limited information available for this package
Moderate health score (28/100) — verify manually

Health breakdown0 – 100

0/25

maintenance

0/20

popularity

25/25

security

3/15

maturity

0/15

community

Vulnerabilities

1 low

Advisories (1)

Severity	ID	Summary	Fixed in
unknown	CVE-2022-28948	Panic in gopkg.in/yaml.v3	3.0.0-20220521103104-8f96da9f5d5e

Health History

Dependency Tree

License Audit

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/go/gopkg.in/yaml.v3

Last updated · 2022-05-27T08:35:30Z