When using the CLI command snyk container test, or the GitHub Action snyk/actions/docker@master, the test may fail with the error
cannot read properties of undefined (reading 'CVE')
When using the --sarif-file-output=<file> argument, in some cases the SARIF parser is not able to correctly process the output from the snyk test.
The GitHub Action exports to a SARIF file (snyk.sarif) by default.
This issue has been resolved in Snyk CLI version 1.1146.0. Please upgrade to this version or higher.
If you are unable to upgrade, the following workarounds are available for older versions:
In the CLI, omit the --sarif-file-output=<file> option. Optionally use
If using the GitHub Action snyk/actions/docker@master, set sarif: false in the with section of your action.
json: true to export to
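
For pipelines that cannot pin the CLI version, the upgrade threshold and the CLI workaround above can be combined into one wrapper. This is an added example, not Snyk's own code: the function names, the IMAGE placeholder and the sample version strings (including the trailing "(standalone)" text) are assumptions.

```shell
#!/bin/sh
# Added example: pass --sarif-file-output only when the Snyk CLI has the fix.
FIXED_VERSION="1.1146.0"   # first fixed release, per the article

# Print the bare dotted version, dropping trailing text; fail if it is not numeric.
normalize_version() {
    v=${1%% *}
    case $v in
        ''|*[!0-9.]*) return 1 ;;
    esac
    printf '%s\n' "$v"
}

# version_ge A B: succeed when A >= B, comparing each field as a number
# (a string compare would wrongly rank 1.999.0 above 1.1146.0).
version_ge() {
    va=$(normalize_version "$1") || return 2
    vb=$(normalize_version "$2") || return 2
    old_ifs=$IFS; IFS=.
    set -- $va; a1=${1:-0}; a2=${2:-0}; a3=${3:-0}
    set -- $vb; b1=${1:-0}; b2=${2:-0}; b3=${3:-0}
    IFS=$old_ifs
    if [ "$a1" -gt "$b1" ]; then return 0; fi
    if [ "$a1" -lt "$b1" ]; then return 1; fi
    if [ "$a2" -gt "$b2" ]; then return 0; fi
    if [ "$a2" -lt "$b2" ]; then return 1; fi
    [ "$a3" -ge "$b3" ]
}

# snyk_output_flag VERSION FILE: print the SARIF flag for fixed versions,
# print nothing (the article's workaround) for older or unparseable ones.
snyk_output_flag() {
    if version_ge "$1" "$FIXED_VERSION"; then
        printf '%s\n' "--sarif-file-output=$2"
    else
        echo "snyk $1: SARIF output skipped, upgrade to $FIXED_VERSION or higher" >&2
    fi
}

# Constructed version strings, so the example runs without snyk installed.
for v in "1.1145.0" "1.999.0" "1.1146.0 (standalone)" "1.1200.2"; do
    printf '%-22s -> %s\n' "$v" "$(snyk_output_flag "$v" snyk.sarif)"
done

# In a pipeline (IMAGE is a placeholder for your image reference):
#   snyk container test "$IMAGE" $(snyk_output_flag "$(snyk --version)" snyk.sarif)
```

An unparseable version string is treated as affected, so the scan still runs and only the SARIF export is dropped.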