View Project issues, fixes, and dependencies
Last updated
Was this helpful?
Last updated
Was this helpful?
Was this helpful?
The following Project information is available on the Snyk Web UI:
Issues: the number of vulnerabilities and Open Source license issues
Fixes: fix advice
Dependencies: for Open Source, the total number of direct and transitive (nested) dependencies
The Project details page displays Issue cards on the Issues tab. The information provided includes vulnerabilities and Open Source license issues.
Use the filters in the panel to the left to narrow the search for issues. Select the checkboxes to filter issues by Issue type, Severity, Fixability, Exploit Maturity, and Status. You can also edit the Priority Score slider to change the range displayed; the default is 0 to 1000.
Issue details are shown on issue cards in the main area, sorted by priority score. See Issue card information for more details.
Scroll to a dependency and the listed issues to view details, including the max and individual risk scores (or priority score).
The Severity icon in front of the dependency title shows the maximum severity associated with the dependency. In this example, there are listed issues with medium or high severity, so the maximum severity for the dependency is high.
The score associated with the dependency title is the maximum of all listed issues under that dependency. This will show as either Risk Score if you are opted-in to the Early Access feature, or Priority Score.
Click Learn about this type of vulnerability for Snyk Learn training.
Click Show more detail to view detailed information about the vulnerability from the Snyk Vulnerability database:
Snyk knowledge of the transitive dependencies in your Project makes it possible for Snyk to provide additional fix advice on the Fixes tab:
See Fix your vulnerabilities for details.
Snyk uses the package manager for your application to build the dependency tree and display it in the Dependencies tab of the Project issues detail page for Open Source. This tab shows which components introduce a vulnerability, indicating how the dependency was introduced to the application.
An example follows:
