Description
A vulnerability in Apache SkyWalking NodeJS Agent prior to 0.5.1. The vulnerability will cause NodeJS services that has this agent installed to be unavailable if the OAP is unhealthy and NodeJS agent can't establish the connection.
Remediation
References
http://www.openwall.com/lists/oss-security/2022/07/18/1
https://lists.apache.org/thread/x238wo4r5goy39dxdjcmlofp6gcdnqr3
Related Vulnerabilities
CVE-2021-44832 Vulnerability in maven package org.apache.logging.log4j:log4j-core
CVE-2020-11969 Vulnerability in maven package org.apache.tomee:openejb-lite
CVE-2021-39148 Vulnerability in maven package com.thoughtworks.xstream:xstream
CVE-2019-10417 Vulnerability in maven package io.fabric8.pipeline:kubernetes-pipeline-devops-steps