The probability is the direct output of the EPSS model, and conveys an overall sense of the threat of exploitation in the wild. The percentile measures the EPSS probability relative to all known EPSS scores. Note: This data is updated daily, relying on the latest available EPSS model version. Check out the EPSS documentation for more details.
Upgrade github.com/hashicorp/vault/builtin/logical/pki to version 1.7.1, 1.6.4, 1.5.8 or higher.
Affected versions of this package are vulnerable to Access Control Bypass. It was discovered that a change to the tidy_revoked_certs logic in the PKI Secrets Engine, released in Vault 1.5.1, had an unintended effect of removing revoked-but-unexpired certificates from Vault’s CRL. Environments that utilize this feature may have such certificates excluded from their CRL after a tidy operation and subsequently treated as valid since they are no longer in the CRL and not yet past their NotAfter value.
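The condition described above can be checked by comparing an independent record of revoked certificates against the published CRL. The following is an added example, not code from Vault or from this advisory; the names Revoked, MissingFromCRL and SampleCRL are hypothetical, the inventory of revocations is assumed to come from the operator's own records, and the CRL is constructed with a throwaway key.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

type Revoked struct{ Serial *big.Int; NotAfter time.Time } // hypothetical inventory record

// MissingFromCRL returns serials that are revoked and not yet past NotAfter but absent from the CRL.
func MissingFromCRL(crlDER []byte, revoked []Revoked, now time.Time) (missing []string, err error) {
	crl, err := x509.ParseRevocationList(crlDER)
	if err != nil {
		return nil, err
	}
	listed := map[string]bool{}
	for _, rc := range crl.RevokedCertificates {
		listed[rc.SerialNumber.String()] = true
	}
	for _, r := range revoked {
		if now.Before(r.NotAfter) && !listed[r.Serial.String()] {
			missing = append(missing, r.Serial.String())
		}
	}
	return missing, nil
}

// SampleCRL signs a constructed CRL listing the given serials with a throwaway CA key.
func SampleCRL(now time.Time, serials ...int64) ([]byte, error) {
	_, key, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	ca := &x509.Certificate{Subject: pkix.Name{CommonName: "constructed CA"}, KeyUsage: x509.KeyUsageCRLSign, SubjectKeyId: []byte{1}}
	tpl := &x509.RevocationList{Number: big.NewInt(1), ThisUpdate: now, NextUpdate: now.Add(time.Hour)}
	for _, s := range serials {
		tpl.RevokedCertificates = append(tpl.RevokedCertificates, pkix.RevokedCertificate{SerialNumber: big.NewInt(s), RevocationTime: now})
	}
	return x509.CreateRevocationList(rand.Reader, tpl, ca, key)
}

func main() {
	der, _ := SampleCRL(time.Now(), 101) // constructed CRL: only serial 101 is listed
	fmt.Println(MissingFromCRL(der, []Revoked{{big.NewInt(102), time.Now().Add(time.Hour)}}, time.Now()))
}
```

Expired certificates are deliberately not reported, since dropping them from the CRL is the intended effect of a tidy operation.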