Description

A vulnerability in Apache SkyWalking NodeJS Agent prior to 0.5.1. The vulnerability will cause NodeJS services that has this agent installed to be unavailable if the OAP is unhealthy and NodeJS agent can't establish the connection.

Remediation

References

http://www.openwall.com/lists/oss-security/2022/07/18/1

https://lists.apache.org/thread/x238wo4r5goy39dxdjcmlofp6gcdnqr3

Related Vulnerabilities

CVE-2020-2304 Vulnerability in maven package org.jenkins-ci.plugins:subversion

CVE-2021-32685 Vulnerability in npm package tenvoy

CVE-2020-11023 Vulnerability in maven package org.webjars.bower:jquery

CVE-2021-3749 Vulnerability in npm package axios

CVE-2023-29216 Vulnerability in maven package org.apache.linkis:linkis-common

Severity

High

Classification

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Mailing List Third Party Advisory Release Notes Vendor Advisory NVD-CWE-noinfo