github.com/ory/kratos
govv1.3.1Headless cloud-native authentication and identity management written in Go. Scales to a billion+ users. Replace Homegrown, Auth0, Okta, Firebase with better UX and DX. Passkeys, Social Sign In, OIDC, Magic Link, Multi-Factor Auth, SMS, SAML, TOTP, and more. Runs everywhere, runs best on Ory Network.
License Apache-2.0permissive102 versions245 maintainers0 deps13,591 weekly dl
ory/kratos63
/ 100
Health
update required
github.com/ory/[email protected] has vulnerabilities — update to latest
Update to >= 1.3.1-0.20260320110106-9d7085948039 to fix known vulnerabilities
- 1 high severity vulnerabilities
Health breakdown0 – 100
5/25
maintenance
10/20
popularity
20/25
security
15/15
maturity
13/15
community
Vulnerabilities
2
1 high1 low
Advisories (2)
| Severity | ID | Summary | Fixed in |
|---|---|---|---|
| high | CVE-2026-33503 | Ory Kratos has a SQL injection via forged pagination tokens | 1.3.1-0.20260320110106-9d7085948039 |
| unknown | CVE-2026-33503 | Ory Kratos has a SQL injection via forged pagination tokens in github.com/ory/kratos | 1.3.1-0.20260320110106-9d7085948039 |
Health History
Dependency Tree
License Audit
API access
Get this data programmatically — free, no authentication.
curl https://depscope.dev/api/check/go/github.com/ory/kratosLast updated · 2024-10-28T09:04:20Z