Gopkg.in/yaml.v2 Denial of Service (DoS)

People found a dependency with a vulnerability of the repository testify github.com/stretchr/testify@v1.4.0

github.com/dgraph-io/ristretto@v0.0.3
Fixed in
gopkg.in/yaml.v2@2.2.8
Exploit maturity
NO KNOWN EXPLOIT

gopkg.in/yaml.v2 Denial of Service (DoS)
VULNERABILITY
CWE-1050
CVE-2019-11254

solution uses current version => v1.7.0