Snyk Documentation

Issues

The Issues tab displays all known vulnerabilities and licenses discrepancies across your projects, indicating details about each issue and which of your projects is affected. In addition, this area also displays information about which issues can be fixed, and how they can be fixed.

By default, issues are grouped together with all projects affected by the issue.

Following is an example of this grouping:

Get an overview of the general health of your organization on the whole by inspecting the number of projects affected per issue and the number and kinds of issues affecting your projects overall.

Alternatively, you can ungroup data, viewing a separate line for each project in which the issue occurs—meaning the same issue can appear multiple times if it affects multiple projects.

This view is beneficial in providing additional details about:

  • Each affected project
  • The recommended course of remediation

This view can be seen in the Elements column below, where all the elements of both views are described

Note: Data in each of the four tabs is displayed based on the organization in which you are working.

Elements

The Issues area appears similar to this image when viewing issues ungrouped:

The following table describes the different parts of the Issues area as displayed when viewing issues either grouped or ungrouped:

Element

Description

Possible values
Issue tab The number of issues that you’re currently viewing, based on the filters and searches you used, are displayed on the issues tab.  
Severity The icon of the associated severity for this issue. High
Medium
Low
Issue The full officially recognized name of the issue and a list of all affected packages that are contained by your projects. The issue is linked to the Package page.  
Identifiers All associated CVE identifiers. Each identifier is linked individually to the full official CVE or CWE vulnerability details as relevant.  
Project

When viewing issues ungrouped, this is a complete list of all projects affected by the specific issue, and an indicator of the source of the projects.
If viewing the issues grouped by project, this column displays the number of projects affected by the issue. Click the sum total of projects to open a side panel and view a list of all affected projects, linked to their Project pages, similar to the following example:


Details in this view include:

  • Issue status
    Date the issue was detected in the project
  • Fixable—whether the issue can be eliminated with an upgrade or patch
 

Following are the project level details that appear only when viewing issues ungrouped:

Element Description Possible values
Status   Open
Issues that have not been handled.
Fixed
Issues for which Fix PRs have been submitted (automatically by Snyk).
Patched
Issues that have been fixed with Snyk patches.
Ignored
Issues to which the Ignore policy applies.
Introduced The date the issue was introduced in the project.  
Fixable Indicates whether a fix is available for the issue.

Patch
Issues that can be fixed with a Snyk patch.
Upgrade
Issues that can be resolved by upgrading the affected package.
No
Issues for which there is currently no known fix.

Jira issue   When a Jira integration is configured for the project and a Jira issue has been filed against the issue in Snyk, this column displays the Jira key and links to that same issue within Jira.

Actions

These controls appear above the table:

Search issues—this search capability allows users to search based on CVE, CWE or identifier name (i.e. DDoS). When searching by CVE or CWE, you must provide an exact value (for example CVE-1234) whereas, for identifier name, typing in a piece of the word will return results.

Search for projectsthe dynamic search field enables you to enter free text and begins searching with the first character you type; alternatively, select multiple packages from the dropdown list that opens when you click in the field. In addition, you can click the Select All or Deselect All links that dynamically appear in the upper right-hand corner of the dropdown list.

Issue filters—mark the issues to be displayed by selecting specific severity levels, issue types, and project types as well as by status and whether the issue is fixable. Only issues matching all selected criteria are displayed.

Last X days—view issue data for the last 30, 60, 90, 120 or 365 days.

Export—click the button to choose which format you’d like to export issue data in:

  • CSV
  • Print/generate a preview from the Print dialog box in your local environment. Once you click the initial Print button, in the backend we load all the issues into one page. This process can take a few seconds. Make sure you don’t close your tab/browser or refresh the page while we prepare the document. Once ready, you get a new dialog box informing you that the document is ready to print. Within the print dialog, you select to save as PDF or print directly. 

Note: There is a limit of 2000 issues that can be generated at once. The number of issues you’re currently viewing is displayed on the issues tab, as described in the Elements table.

View issues ungrouped/View issues grouped—toggle between views. When viewing “grouped”, each issue appears once only, grouping together all affected projects; when viewing “ungrouped”, each issue appears once per project that is affected by it.