.svg){kind=logo}
Overview
Exploitability is gauged using EPSS Scores, which are available in Mend Container similarly to Mend SCA.
-
Navigate to your application or project’s Containers view
-
Select the Findings tab
-
Add the EPSS Score column using the Columns menu on the right.
-
The column is sortable, enabling you to review higher exploitability findings first.
-
EPSS Score Rounding Rule
EPSS score is a probability between 0–1 (e.g., 0.431114). For readability, it is rounded so only 2 digits after the decimal point are displayed in the application, according to the following logic:
-
If the third digit is 5 or higher → the second digit will increase by 1.
-
If the third digit is 4 or lower → the second digit will decrease by 1.
Examples:
Raw → Result
0.431114 → 0.43
0.03543 → 0.04
0.034 → 0.03
0.0043 → 0.00
0.005 → 0.01
This means that “0.00%” will be displayed when the probability is close to zero:
0.0043 → 0.00
0.004 → 0.00
0.001 → 0.00
When the probability is in fact zero percent, it will be denoted as “N/A”.