Description
A vulnerability in Apache SkyWalking NodeJS Agent prior to 0.5.1. The vulnerability will cause NodeJS services that has this agent installed to be unavailable if the OAP is unhealthy and NodeJS agent can't establish the connection.
Remediation
References
http://www.openwall.com/lists/oss-security/2022/07/18/1
https://lists.apache.org/thread/x238wo4r5goy39dxdjcmlofp6gcdnqr3
Related Vulnerabilities
CVE-2020-2132 Vulnerability in maven package com.parasoft:environment-manager
CVE-2021-32796 Vulnerability in npm package xmldom
CVE-2020-8214 Vulnerability in npm package servey
CVE-2020-5397 Vulnerability in maven package org.springframework:spring-webmvc
CVE-2015-8854 Vulnerability in maven package org.webjars.bower:marked