CVE-2024-3566 | Node.js up to 21.7.2 on Windows CreateProcess os command injection

Inserito da Angelo Barbosa | Apr 10, 2024 | CVE

A vulnerability classified as critical has been found in Node.js up to 21.7.2 on Windows. Affected is the function CreateProcess. The manipulation leads to os command injection.

This vulnerability is traded as CVE-2024-3566. The attack needs to be approached within the local network. There is no exploit available.

CVE-2024-3566 | Node.js up to 21.7.2 on Windows CreateProcess os command injection

Post correlati

CVE-2024-46366 | Webkul Krayin CRM 1.3.0 Template injection

CVE-2024-30674 | ROS ROS2 Iron Irwini information disclosure

CVE-2023-52387 | Huawei HarmonyOS/EMUI GPU Module information disclosure

CVE-2024-1760 | Appointment Booking Calendar Plugin up to 1.6.6.20 on WordPress Plugin Data Reset cross-site request forgery