Missed the action at the 2018 Chrome Dev Summit? Catch up with our playlist on the Google Chrome Developers channel on YouTube. Watch now.

Includes Front-End JavaScript Libraries With Known Security Vulnerabilities

Overview

Intruders have automated web crawlers that can scan your site for known security vulnerabilities. When the web crawler detects a vulnerability, it alerts the intruder. From there, the intruder just needs to figure out how to exploit the vulnerability on your site.

Recommendations

Stop using each of the libraries that Lighthouse flags. If the library has released a newer version that fixes the vulnerability, upgrade to that version, or consider using a different library.

See Snyk's Vulnerability DB to learn more about each library's vulnerability.

More information

To detect vulnerable libraries, Lighthouse:

An intruder can scan your entire site using the process above and a web crawler.

Audit source

Feedback

Was this page helpful?