Description

A vulnerability in Apache SkyWalking NodeJS Agent prior to 0.5.1. The vulnerability will cause NodeJS services that has this agent installed to be unavailable if the OAP is unhealthy and NodeJS agent can't establish the connection.

Remediation

References

http://www.openwall.com/lists/oss-security/2022/07/18/1

https://lists.apache.org/thread/x238wo4r5goy39dxdjcmlofp6gcdnqr3

Related Vulnerabilities

CVE-2021-43090 Vulnerability in maven package com.predic8:soa-model-parent

CVE-2023-46653 Vulnerability in maven package org.jenkins-ci.plugins:lambdatest-automation

CVE-2019-10753 Vulnerability in maven package com.diffplug.spotless:spotless-eclipse-wtp

CVE-2022-31069 Vulnerability in npm package @ffdc/nestjs-proxy

CVE-2022-21721 Vulnerability in npm package next

Severity

High

Classification

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Mailing List Third Party Advisory Release Notes Vendor Advisory NVD-CWE-noinfo