Includes front-end JavaScript libraries with known security vulnerabilities

Includes front-end JavaScript libraries with known security vulnerabilities

Updated
Appears in: Best Practices audits

Intruders have automated web crawlers that can scan your site for known security vulnerabilities. When the web crawler detects a vulnerability, it alerts the intruder. From there, the intruder just needs to figure out how to exploit the vulnerability on your site.

How this Lighthouse audit fails #

Lighthouse flags front-end JavaScript libraries with known security vulnerabilities:

Lighthouse audit showing any front-end JavaScript libraries with known security vulnerabilities used by the page

To detect vulnerable libraries, Lighthouse:

Each Best Practices audit is weighted equally in the Lighthouse Best Practices Score. Learn more in The Best Practices score.

Stop using insecure JavaScript libraries #

Stop using each of the libraries that Lighthouse flags. If the library has released a newer version that fixes the vulnerability, upgrade to that version. If the library hasn't released a new version or is no longer maintained, consider using a different library.

Click the links in the Library Version column of your report to learn more about each library's vulnerabilities.

Resources #

Last updated: Improve article