This content is outdated and no longer accurate.

Includes front-end JavaScript libraries with known security vulnerabilities

Published on Updated on

Translated to: Español, Português, 한국어, 中文, Pусский, 日本語


This audit was removed from Lighthouse v10.0.0 on February 9th 2023. For more information on the removal of this audit, see the relevant GitHub pull request.

Intruders have automated web crawlers that can scan your site for known security vulnerabilities. When the web crawler detects a vulnerability, it alerts the intruder. From there, the intruder just needs to figure out how to exploit the vulnerability on your site.

How this Lighthouse audit fails

Lighthouse flags front-end JavaScript libraries with known security vulnerabilities:

Lighthouse audit showing any front-end JavaScript libraries with known security vulnerabilities used by the page

To detect vulnerable libraries, Lighthouse:

Each Best Practices audit is weighted equally in the Lighthouse Best Practices Score. Learn more in The Best Practices score.

Stop using insecure JavaScript libraries

Stop using each of the libraries that Lighthouse flags. If the library has released a newer version that fixes the vulnerability, upgrade to that version. If the library hasn't released a new version or is no longer maintained, consider using a different library.

Click the links in the Library Version column of your report to learn more about each library's vulnerabilities.


Updated on Improve article

This site uses cookies to deliver and enhance the quality of its services and to analyze traffic. If you agree, cookies are also used to serve advertising and to personalize the content and advertisements that you see. Learn more about our use of cookies.