Includes front-end JavaScript libraries with known security vulnerabilities

Intruders have automated web crawlers that can scan your site for known security vulnerabilities. When the web crawler detects a vulnerability, it alerts the intruder. From there, the intruder just needs to figure out how to exploit the vulnerability on your site.

How this Lighthouse audit fails

Lighthouse flags front-end JavaScript libraries with known security vulnerabilities:

Lighthouse audit showing any front-end JavaScript libraries with known security vulnerabilities used by the page

To detect vulnerable libraries, Lighthouse:

Stop using insecure JavaScript libraries

Stop using each of the libraries that Lighthouse flags. If the library has released a newer version that fixes the vulnerability, upgrade to that version. If the library hasn't released a new version or is no longer maintained, consider using a different library.

Click the links in the Library Version column of your report to learn more about each library's vulnerabilities.

Resources