SupportSnyk LearnAPI referenceProduct updatesSign up for free

Issue card information

Issue cards appear on the details page for a Project. You can use available options to do the following:

View dependency card information

Dependency cards show details for a specific dependency, its associated vulnerabilities or license issues, and actions you can take.

Issue card for the npmconf vulnerability

The dependency card provides a Header section and Body section with information as explained in the next sections of this documentation.

Header section

jsonwebtoken issue card header

  • Severity level: for example, High. For dependencies with multiple severity levels, the severity shown in the header is the maximum of all listed issues under that dependency.

  • Dependency name: for example, jsonwebtoken or libxmljs2.

  • Score: Risk Score or Priority score: 0 to 1,000. For dependencies with multiple scores, the score shown in the header is the maximum of all listed issues under that dependency. This will show as Priority score unless you are opted-in to the Early Access for Risk score.

  • Tabs separating out the fixable issues, issues with no supported fix, and vulnerable dependencies.

Expanded vulnerability section

jsonwebtoken issue card body details

  • Issue Name: the vulnerability name, in this case "Authentication bypass".

  • Type: VULNERABILITY or LICENSE ISSUE

  • Links to CWE (Common Weakness Enumeration), CVSS (Common Vulnerability Scoring System), and Snyk Vulnerability Database information for the issue. You can use these links to view more information about the CWE, CVE, and CVSS scores or navigate to the Snyk Vulnerability Database information for a specific vulnerability from its issue card.

  • Exploit maturity: for example, Mature or Proof Of Concept, which indicates how well known the implementation of this exploit is.

  • The exploit's reachability, for example, Reachable. This indicates whether a path from your first party code to the vulnerable code element exists, For information and an example, see Reachable vulnerabilities.

  • Fixed in: The file the vulnerability is fixed in

  • Social Trends: Snyk occasionally shows a Trending banner for issues that are being actively discussed on X (formerly known as Twitter).

Filter and sort issue cards

You can apply multiple filters to a Project to show a set of issues based on specific criteria:

  • Vulnerability or license issue

  • Issues with a specific severity

  • Issues within a range of the priority score

  • Issues that have an exploit and how mature the exploit is

  • Issues that are open or have been patched or ignored

You can sort the issue cards in a Project based on their priority score or severity.

Perform additional card actions

You can perform the following actions on the issue card by clicking the tri-dot menu associated with each vulnerability:

  • Ignore the issue: if you do not need to take action on an issue, or it does not need to appear on your reports, you can ignore it.

  • Create a Jira ticket: if you have the Jira integration, you can link your issue boards to Snyk and create Jira tickets directly from the Project details page to fix vulnerabilities.

You can also open a PR if a fix is available by clicking the "Upgrade to X.X.X" button at the bottom of the card.

PreviousView Project historyNextMaximum number of Projects in an Organization

Last updated

Was this helpful?