Is brotli safe to use?

brotli has 1 known vulnerabilities on the latest version (1.2.0). DepScope rates its health at 43/100 (high risk).

What is the latest version of brotli?

The latest version of brotli is 1.2.0, released 2025-11-05.

Does brotli have known vulnerabilities?

Yes. brotli has 1 known vulnerabilities. See depscope.dev/pkg/pypi/brotli for details.

Is brotli deprecated?

No, brotli is actively maintained. Latest release: 1.2.0 (2025-11-05).

What are alternatives to brotli?

Popular alternatives to brotli in PyPI include: boto3, packaging, urllib3, idna, requests.

brotli

pypiv1.2.0

Python bindings for the Brotli compression library

License MITpermissive10 versions1 maintainers0 deps

google/brotli

/ 100

Health

update required

[email protected] has vulnerabilities — update to latest

Update to >= 2.13.4 to fix known vulnerabilities

1 high severity vulnerabilities

Health breakdown0 – 100

15/25

maintenance

0/20

popularity

20/25

security

6/15

maturity

2/15

community

Vulnerabilities

1 high

Advisories (1)

Severity	ID	Summary	Fixed in
high	CVE-2025-6176	Scrapy is vulnerable to a denial of service (DoS) attack due to flaws in brotli decompression implementation	2.13.4

OSS Scorecard

OpenSSF security posture score

8.1/10

strong

Maintainer trust

Active maintainers (3m)

10

Contributors (12m)

14

Primary author dominance

37%

GitHub stars

14,667

Quality signals

Download trend

stable(0%)

Publish security

API token

Health History

Dependency Tree

License Audit

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/pypi/brotli