CVE-2022-36127: Service unavailability impact in NodeJS agent(version <= 0.5.0)
First published: Mon Jul 18 2022(Updated: )
A vulnerability in Apache SkyWalking NodeJS Agent prior to 0.5.1. The vulnerability will cause NodeJS services that has this agent installed to be unavailable if the OAP is unhealthy and NodeJS agent can't establish the connection.
Credit: security@apache.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apache Skywalking | <0.5.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-36127?
CVE-2022-36127 is a vulnerability in Apache SkyWalking NodeJS Agent prior to version 0.5.1 that can cause NodeJS services to be unavailable if the OAP is unhealthy and the agent can't establish a connection.
How does CVE-2022-36127 impact NodeJS services?
CVE-2022-36127 can cause NodeJS services to become unavailable if the OAP (Apache SkyWalking Application Performance) is unhealthy and the NodeJS agent is unable to establish a connection.
What is the severity of CVE-2022-36127?
CVE-2022-36127 has a severity rating of 7.5 (high).
How can I fix CVE-2022-36127?
To fix CVE-2022-36127, upgrade to Apache SkyWalking NodeJS Agent version 0.5.1 or later.
Where can I find more information about CVE-2022-36127?
You can find more information about CVE-2022-36127 at the following references: [1](http://www.openwall.com/lists/oss-security/2022/07/18/1), [2](https://lists.apache.org/thread/x238wo4r5goy39dxdjcmlofp6gcdnqr3)
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/title
- agent/author
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/description
- agent/tags
- agent/source
- vendor/apache
- canonical/apache skywalking