CVE-2022-36127: Denial of service

July 18, 2022 (updated July 25, 2022)

The vulnerability will cause NodeJS services that has this agent installed to be unavailable if the OAP is unhealthy and NodeJS agent can’t establish the connection.

References

www.openwall.com/lists/oss-security/2022/07/18/1
lists.apache.org/thread/x238wo4r5goy39dxdjcmlofp6gcdnqr3
nvd.nist.gov/vuln/detail/CVE-2022-36127

Detect and mitigate CVE-2022-36127 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →