Is cvss4 safe to use?

cvss4 has no known vulnerabilities on the latest version (1.0.7). DepScope rates its health at 38/100 (critical risk).

What is the latest version of cvss4?

The latest version of cvss4 is 1.0.7, released 2025-01-01.

Does cvss4 have known vulnerabilities?

No known vulnerabilities on the latest version of cvss4.

No, cvss4 is actively maintained. Latest release: 1.0.7 (2025-01-01).

What are alternatives to cvss4?

Popular alternatives to cvss4 in npm include: minimatch, commander, eslint-visitor-keys, ajv, color-name.

cvss4

npmv1.0.7

The **Common Vulnerability Scoring System (CVSS)** is a [scoring framework](https://www.first.org/cvss/) that provides numerical scores to assess the severity of software vulnerabilities. This TypeScript-based library offers support for CVSS versions **3.

License MITpermissive2 versions1 maintainers1 deps

rohitcoder/cvss

/ 100

Health

use with caution

[email protected] low health (38/100) — consider alternatives

Low health score (38/100)

Health breakdown0 – 100

5/25

maintenance

0/20

popularity

25/25

security

6/15

maturity

2/15

community

Vulnerabilities

none known

Bundle & TypeScript

📦

Bundle Size

19.6 KBminified

6.4 KB gzipped

1 direct dependencies

ESMside effects

🌟

TypeScript

10/10typed

bundled

Health History

Dependency Tree

License Audit

Dependencies (1)

tslib

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/cvss4