Docs Library | Snyk Help Center home page | Docs Library
New Features
Submit a request
Sign in
  1. Docs Library | Snyk
  2. FAQs
  3. Finding Vulnerabilities

Articles in this section

  • Snyk Vs NPM Audit
  • What is the "Minimal upgrade required" and how is it determined?
  • Why does Snyk have a different CVSS to NVD for specific CVEs
  • How does Snyk aggregate .NET Projects?
  • Why do yarn and npm report more dependencies than snyk?
  • Mismatch of Vulnerabilities. Why does the CLI show a different number of vulnerabilities than through the Snyk App?
  • Does the Snyk vulnerability database contain malicious packages or only known vulnerabilities ?
  • What are known vulnerabilities?
  • I'm using Scala and SBT. Is there a way I can use Snyk?
  • How do you determine the severity of a vulnerability?
See more

Why does Snyk have a different CVSS to NVD for specific CVEs

At Snyk, we use our own security team to hand-curate their own CVSS to the most accurate degree in mind. 

An in-depth look at how Snyk calculates it can be found here - https://snyk.io/blog/scoring-security-vulnerabilities-101-introducing-cvss-for-cve/

Have more questions?

Submit a request
Was this article helpful?
Return to top

Copyright © 2020. Docs Library | Snyk. All Rights Reserved.

Ready to get started?

Book a Demo