The probability is the direct output of the EPSS model, and conveys an overall sense of the threat of exploitation in the wild. The percentile measures the EPSS probability relative to all known EPSS scores. Note: This data is updated daily, relying on the latest available EPSS model version. Check out the EPSS documentation for more details.
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsUpgrade nilfs-dev/nilfs-utils to version 2.3.1 or higher.
Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input in the nilfs_sb_is_valid function when processing NILFS2 images with improperly validated s_log_block_size fields in the superblock. An attacker can cause a crash or trigger out-of-memory conditions by supplying a crafted NILFS2 image to tools such as nilfs-tune or dumpseg. This is only exploitable if a user interacts with a malicious NILFS2 image.
This vulnerability can be mitigated by avoiding the processing of NILFS2 images from untrusted sources and restricting the use of NILFS utilities to trusted administrators and environments.