Chrome Dev Summit 2018 is happening now and streaming live on YouTube. Watch now.

Includes Front-End JavaScript Libraries With Known Security Vulnerabilities

Overview

Intruders have automated web crawlers that can scan your site for known security vulnerabilities. When the web crawler detects a vulnerability, it alerts the intruder. From there, the intruder just needs to figure out how to exploit the vulnerability on your site.

Recommendations

Stop using each of the libraries that Lighthouse flags. If the library has released a newer version that fixes the vulnerability, upgrade to that version, or consider using a different library.

See Snyk's Vulnerability DB to learn more about each library's vulnerability.

More information

To detect vulnerable libraries, Lighthouse:

An intruder can scan your entire site using the process above and a web crawler.

Audit source

Feedback

Was this page helpful?