How this audit fails
To detect vulnerable libraries, Lighthouse:
- Runs Library Detector For Chrome.
- Checks the list of detected libraries against Snyk's Vulnerability DB.
Each Best Practices audit is weighted equally in the Lighthouse Best Practices Score. Learn more in The Best Practices score.
An intruder can scan your entire site using a web crawler.
Stop using each of the libraries that Lighthouse flags. If the library has released a newer version that fixes the vulnerability, upgrade to that version, or consider using a different library.
See Snyk's Vulnerability DB to learn more about each library's vulnerability.
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.