The Issues tab displays all known vulnerability and license discrepancies across your projects, indicating details about each issue and which of your projects is affected, and how you can fix each issue.
Data in each of the main tabs is displayed based on the filters you've applied from the top of the Reports area, as well as the group or organization that you're viewing from.
By default, issues are displayed grouped per issue, similar to the following example:
The number of issues that you’re currently viewing, based on the filters and searches you used, appear on the Issues tab label.
Grouped and ungrouped views
Use the default grouped view to get an overview of the general health of your organization on the whole by inspecting the number of projects affected per issue and the number and kinds of issues affecting your projects.
Alternatively, click View issues ungrouped to ungroup data, viewing a separate line for each project in which the issue occurs; meaning the same issue can appear multiple times if it affects multiple projects. This ungrouped view provide more details about each affected project, and the recommended fix.
Click the View issues ungrouped or View issues grouped link to toggle between views.
Issues tab elements
All views
These fields appear for both views (grouped and ungrouped):
Element
Description
Severity
The icon of the associated severity for this issue:
Patch: Issues that can be fixed with a Snyk patch.
Upgrade: Issues that can be resolved by upgrading the affected package.
Pin: Issues that can be fixed by making a transitive dependency into a direct dependency.
Note: this is currently Python-specific.
No: Issues for which there is currently no known fix.
Introduced
The date the issue was introduced in the project.
Status
The current status of a vulnerability:
Open: Issues that have not been handled
Fixed: Issues for which Fix PRs have been submitted (automatically by Snyk)
Patched: Issues that have been fixed with Snyk patches
Ignored: Issues to which the Ignore policy applies
Reachability
Whether vulnerabilities have a path from the code to the vulnerable function (see Reachable vulnerabilities):
Reachable: There is a clear path from the app’s code down to the vulnerable function.
Potentially reachable: There are indications that you might be exposed to the vulnerability.
No path found: We don’t have enough information to decide whether the vulnerability is reachable.
Jira issue
When a Jira integration is configured for the project and a Jira issue has been filed against the issue in Snyk, this column displays the Jira key and links to that same issue within Jira.
Issues tab actions
These controls appear above the table:
Search issues: search based on CVE, CWE or identifier name (i.e. DDoS). When searching by CVE or CWE, you must provide an exact value (for example CVE-1234), but when searching for identifier name, typing in a piece of the word will return results.
Issue filters: mark the issues to be displayed by selecting a range of priority scores, specific issue types, exploit maturity, status, fixable values and reachability, as described in the Issues tab elements section.
Export—click the button to choose which format you’d like to export issue data in:
CSV
Print/generate a preview from the Print dialog box in your local environment. This can take a few seconds to generate.