CVE-2024-3566 | Node.js up to 21.7.2 on Windows CreateProcess os command injection

Posted by Angelo Barbosa | Apr 10, 2024 | CVE

A vulnerability classified as critical has been found in Node.js up to 21.7.2 on Windows. Affected is the function CreateProcess. The manipulation leads to os command injection.

This vulnerability is traded as CVE-2024-3566. The attack needs to be approached within the local network. There is no exploit available.

CVE-2024-3566 | Node.js up to 21.7.2 on Windows CreateProcess os command injection

Related Posts

CVE-2024-2500 | ColorMag Plugin up to 3.1.6 on WordPress Display Name cross site scripting

CVE-2024-46419 | TOTOLINK AC1200 T8 4.1.5cu.861_B20230220 setWizardCfg ssid5g buffer overflow

CVE-2023-52116 | Huawei HarmonyOS/EMUI Multi-Screen Interaction Module privileges management

CVE-2024-20802 | Samsung Mobile Devices DeX access control