Is it possible that a fix pull request could introduce new vulnerabilities?

Yes, this can happen with our fix logic. When looking for upgrade paths, our fix logic checks against the vulnerabilities that were detected in the original project tree.
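One way to check a fix pull request for this: compare scan results from the base branch and the fix branch, and flag any vulnerability ID that appears only after the fix. This is an added example, not Snyk's code; the report shape (a `vulnerabilities` list with `id`, `packageName`, `version`), the function names and the sample reports with placeholder IDs are assumptions constructed for illustration.

```python
import json

# Constructed sample reports (placeholder IDs, not real advisories).
# Assumed shape: {"vulnerabilities": [{"id", "packageName", "version"}, ...]}
BEFORE = json.loads("""{"vulnerabilities": [
  {"id": "EXAMPLE-VULN-0001", "packageName": "lib-a", "version": "1.0.0"},
  {"id": "EXAMPLE-VULN-0001", "packageName": "lib-a", "version": "1.0.0"},
  {"id": "EXAMPLE-VULN-0002", "packageName": "lib-b", "version": "2.1.0"}
]}""")

# After the fix PR: lib-a was upgraded, which pulled in a new transitive lib-c.
AFTER = json.loads("""{"vulnerabilities": [
  {"id": "EXAMPLE-VULN-0002", "packageName": "lib-b", "version": "2.1.0"},
  {"id": "EXAMPLE-VULN-0003", "packageName": "lib-c", "version": "3.0.0"}
]}""")


def index(report):
    """Map vulnerability id -> set of (package, version).

    The same finding can be listed once per dependency path, so duplicates
    are collapsed here.
    """
    out = {}
    for v in report.get("vulnerabilities", []):
        out.setdefault(v["id"], set()).add((v["packageName"], v["version"]))
    return out


def compare(before, after):
    """Classify vulnerability IDs as fixed, remaining, or introduced."""
    b, a = index(before), index(after)
    introduced = [(vid, pkg, ver)
                  for vid in sorted(a.keys() - b.keys())
                  for pkg, ver in sorted(a[vid])]
    return {"fixed": sorted(b.keys() - a.keys()),
            "remaining": sorted(b.keys() & a.keys()),
            "introduced": introduced}


def gate(before, after):
    """Exit code for CI: 1 if the fix branch introduces any new ID."""
    return 1 if compare(before, after)["introduced"] else 0


if __name__ == "__main__":
    print(json.dumps(compare(BEFORE, AFTER), indent=2))
    raise SystemExit(gate(BEFORE, AFTER))
```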
