Snyk Documentation

Issues

The Issues tab displays all known vulnerabilities and licenses discrepancies across your projects, indicating details about each issue and which of your projects is affected. In addition, this area also displays information about which issues can be fixed, and how they can be fixed.

By default, issues are grouped together with all projects affected by the issue.

Following is an example of this grouping:

Get an overview of the general health of your organization on the whole by inspecting the number of projects affected per issue and the number and kinds of issues affecting your projects overall.

Alternatively, you can ungroup data, viewing a separate line for each project in which the issue occurs—meaning the same issue can appear multiple times if it affects multiple projects.

This view is beneficial in providing additional details about:

  • Each affected project
  • The recommended course of remediation

This view can be seen below in Elements, where all elements of both views are described.

Note: Data in each of the four tabs is displayed based on the organization in which you are working.

Elements

The Issues area appears similar to this image when viewing issues ungrouped:

The following table describes the different parts of the Issues area as displayed when viewing issues either grouped or ungrouped:

Element Description Possible values
Severity The icon of the associated severity for this issue. High
Medium
Low
Issue The full officially recognized name of the issue and a list of all affected packages that are contained by your projects. The issue is linked to the Package page.  
Identifiers All associated CVE identifiers. Each identifier is linked individually to the full official CVE or CWE vulnerability details as relevant.  
Project

When viewing issues ungrouped, this is a complete list of all projects affected by the specific issue, and an indicator of the source of the projects.
If viewing the issues grouped by project, this column displays the number of projects affected by the issue. Click the sum total of projects to open a side panel and view a list of all affected projects, linked to their Project pages, similar to the following example:


Details in this view include:

  • Issue status
    Date the issue was detected in the project
  • Fixable—whether the issue can be eliminated with an upgrade or patch
 

Following are the project level details that appear only when viewing issues ungrouped:

Element Description Possible values
Status   Open
Issues that have not been handled.
Fixed
Issues for which Fix PRs have been submitted (automatically by Snyk).
Patched
Issues that have been fixed with Snyk patches.
Ignored
Issues to which the Ignore policy applies.
Introduced The date the issue was introduced in the project.  
Fixable Indicates whether a fix is available for the issue.

Patch
Issues that can be fixed with a Snyk patch.
Upgrade
Issues that can be resolved by upgrading the affected package.
No
Issues for which there is currently no known fix.

Jira issue   When a Jira integration is configured for the project and a Jira issue has been filed against the issue in Snyk, this column displays the Jira key and links to that same issue within Jira.

Actions

These controls appear above the table:

Issue filters—mark the issues to be displayed by selecting specific severity levels, issue types, and project types as well as by status and whether the issue is fixable. Only issues matching all selected criteria are displayed.

Last X days—view issue data for the last 30, 60, 90, 120 or 365 days.

Export as CSV—export issue data in CSV file format.
View issues ungrouped/View issues grouped—toggle between views. When viewing “grouped”, each issue appears once only, grouping together all affected projects; when viewing “ungrouped”, each issue appears once per project that is affected by it.