CVE-2022-36127

Опубликовано: 18 июл. 2022

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

A vulnerability in Apache SkyWalking NodeJS Agent prior to 0.5.1. The vulnerability will cause NodeJS services that has this agent installed to be unavailable if the OAP is unhealthy and NodeJS agent can't establish the connection.

Ссылки

http://www.openwall.com/lists/oss-security/2022/07/18/1
Mailing List
Third Party Advisory
https://lists.apache.org/thread/x238wo4r5goy39dxdjcmlofp6gcdnqr3
Mailing List
Release Notes
Vendor Advisory
http://www.openwall.com/lists/oss-security/2022/07/18/1
Mailing List
Third Party Advisory
https://lists.apache.org/thread/x238wo4r5goy39dxdjcmlofp6gcdnqr3
Mailing List
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:apache:skywalking_nodejs_agent:*:*:*:*:*:node.js:*:*

Версия до 0.5.1 (исключая)

EPSS

Процентиль: 90%

0.05156

Низкий

7.5 High

CVSS3

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-8gpg-466c-5cpj