Description

A vulnerability in Apache SkyWalking NodeJS Agent prior to 0.5.1. The vulnerability will cause NodeJS services that has this agent installed to be unavailable if the OAP is unhealthy and NodeJS agent can't establish the connection.

Remediation

References

http://www.openwall.com/lists/oss-security/2022/07/18/1

https://lists.apache.org/thread/x238wo4r5goy39dxdjcmlofp6gcdnqr3

Related Vulnerabilities

CVE-2015-8861 Vulnerability in maven package org.webjars:handlebars

CVE-2020-35199 Vulnerability in maven package org.igniterealtime.openfire.plugins:bookmarks

CVE-2019-19771 Vulnerability in npm package hdeky

CVE-2019-10360 Vulnerability in maven package org.jenkins-ci.plugins.m2release:m2release

CVE-2019-10420 Vulnerability in maven package org.jenkins-ci.plugins:assembla

Severity

High

Classification

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Mailing List Third Party Advisory Release Notes Vendor Advisory NVD-CWE-noinfo