diff --git a/core/src/main/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzer.java b/core/src/main/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzer.java
index 57bcf58aaea..3f680f02a2f 100644
--- a/core/src/main/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzer.java
+++ b/core/src/main/java/org/owasp/dependencycheck/analyzer/NodePackageAnalyzer.java
@@ -347,7 +347,7 @@ private void processDependencies(JsonObject json, File baseDir, File rootFile,
             String parentPackage, Engine engine) throws AnalysisException {
           final boolean skipDev = getSettings().getBoolean(Settings.KEYS.ANALYZER_NODE_PACKAGE_SKIPDEV, false);
           final JsonObject deps;
-
+          final File modules_root = new File(rootFile.getParentFile(), "node_modules");
           final int lockJsonVersion = json.containsKey("lockfileVersion") ? json.getInt("lockfileVersion") : 1;
           if (lockJsonVersion >= 2) {
             deps = json.getJsonObject("packages");
@@ -370,8 +370,9 @@ private void processDependencies(JsonObject json, File baseDir, File rootFile,
                 } else {
                     base = Paths.get(baseDir.getPath(), "node_modules", name).toFile();
                     if (!base.isFile()) {
-                        if ("node_modules".equals(baseDir.getParentFile().getName())) {
-                            base = Paths.get(baseDir.getParent(), name).toFile();
+                        final File test = new File(modules_root, name);
+                        if (test.isDirectory()) {
+                            base = test;
                         }
                     }
                 }