Home > Vulnerability Database > CVE-2022-36127

Mend.io Vulnerability Database

CVE-2022-36127

Good to know:

Date: July 18, 2022

A vulnerability in Apache SkyWalking NodeJS Agent prior to 0.5.1. The vulnerability will cause NodeJS services that has this agent installed to be unavailable if the OAP is unhealthy and NodeJS agent can't establish the connection.

Language: TYPE_SCRIPT

Severity Score

7.5

Related Resources (6)

Url: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36127

Url: http://www.openwall.com/lists/oss-security/2022/07/18/1

Url: https://lists.apache.org/thread/x238wo4r5goy39dxdjcmlofp6gcdnqr3

Url: https://nvd.nist.gov/vuln/detail/CVE-2022-36127

Url: https://github.com/apache/skywalking-nodejs/commit/75afb3ec7a40263ce9317d9e535ce46b296b546a

Url: https://www.mend.io/vulnerability-database/CVE-2022-36127

Severity Score

7.5

Weakness Type (CWE)

Insufficient Information

NVD-CWE-noinfo

Top Fix

Upgrade Version

Upgrade to version skywalking-backend-js - 0.5.1

Learn More

CVSS v3.1

Base Score:	7.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2022-36127

Good to know:

Date: July 18, 2022

Language: TYPE_SCRIPT

Severity Score

Related Resources (6)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?