Is materialize-css safe to use?

materialize-css has 4 known vulnerabilities on the latest version (1.0.0). DepScope rates its health at 34/100 (critical risk).

What is the latest version of materialize-css?

The latest version of materialize-css is 1.0.0, released 2018-09-09.

Does materialize-css have known vulnerabilities?

Yes. materialize-css has 4 known vulnerabilities. See depscope.dev/pkg/npm/materialize-css for details.

Is materialize-css deprecated?

No, materialize-css is actively maintained. Latest release: 1.0.0 (2018-09-09).

What are alternatives to materialize-css?

Popular alternatives to materialize-css in npm include: semver, debug, ansi-styles, minimatch, brace-expansion.

What license does materialize-css use?

materialize-css is licensed under MIT.

materialize-css

npmv1.0.0

Builds Materialize distribution packages

License MITpermissive25 versions1 maintainers0 deps

Dogfalo/materialize

/ 100

Health

use with caution

[email protected] low health (34/100) — consider alternatives

Update to >= 1.1.0-alpha to fix known vulnerabilities

Moderate health score (34/100) — verify manually

Health breakdown0 – 100

0/25

maintenance

0/20

popularity

17/25

security

15/15

maturity

2/15

community

Vulnerabilities

4 medium

Advisories (4)

Severity	ID	Summary	Fixed in
medium	CVE-2019-11003	Materialize-css vulnerable to Cross-site Scripting in autocomplete component	1.1.0-alpha
medium	CVE-2022-25349	materialize-css vulnerable to cross-site Scripting (XSS) due to improper escape of user input	—
medium	CVE-2019-11002	Materialize-css vulnerable to Cross-site Scripting in tooltip component	1.1.0-alpha
medium	CVE-2019-11004	Materialize-css vulnerable to Improper Neutralization of Input During Web Page Generation	1.1.0-alpha

Bundle & TypeScript

🌟

TypeScript

7/10typed

Types from @types/materialize-css (DefinitelyTyped)

Health History

Dependency Tree

License Audit

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/materialize-css