Is express-brute safe to use?

express-brute has 1 known vulnerabilities on the latest version (1.0.1). DepScope rates its health at 50/100 (high risk).

What is the latest version of express-brute?

The latest version of express-brute is 1.0.1, released 2016-10-11.

Does express-brute have known vulnerabilities?

Yes. express-brute has 1 known vulnerabilities. See depscope.dev/pkg/npm/express-brute for details.

Is express-brute deprecated?

No, express-brute is actively maintained. Latest release: 1.0.1 (2016-10-11).

What are alternatives to express-brute?

Popular alternatives to express-brute in npm include: semver, debug, ansi-styles, minimatch, brace-expansion.

What license does express-brute use?

express-brute is licensed under BSD.

express-brute

npmv1.0.1

A brute-force protection middleware for express routes that rate limits incoming requests

License BSDpermissive18 versions1 maintainers2 deps16,002 weekly dl

AdamPflug/express-brute

/ 100

Health

use with caution

[email protected] low health (50/100) — consider alternatives

Moderate health score (50/100) — verify manually

Health breakdown0 – 100

0/25

maintenance

10/20

popularity

23/25

security

15/15

maturity

2/15

community

Vulnerabilities

1 medium

Advisories (1)

Severity	ID	Summary	Fixed in
medium	GHSA-984p-xq9m-4rjw	Rate Limiting Bypass in express-brute	—

Bundle & TypeScript

🌟

TypeScript

7/10typed

Types from @types/express-brute (DefinitelyTyped)

Health History

Dependency Tree

License Audit

Dependencies (2)

long-timeout underscore

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/express-brute