CVE-2024-3566

9.8

CRITICALCVSS v3

Published

April 10, 2024

Affected

5 projects

Assigned by

[email protected]

Severity scale

010

Description

A command inject vulnerability allows an attacker to perform command injection on Windows applications that indirectly depend on the CreateProcess function when the specific conditions are satisfied.

golang/go

GitHubThe Go programming language

= *NVD

rust-lang/rust

GitHubEmpowering everyone to build reliable and efficient software.

= 1.77.2, < 1.77.2NVD

@externs/nodejs

NPM

More on this CVE

NVD↗GitHub Advisory↗

The Closure Compiler Externs For Node.JS.

= *, < 18.20.2, >= 19.0.0, < 20.12.2, >= 21.0.0, < 21.7.3NVD

externs/nodejs

GitHubThe Externs For Node.JS.

= *, < 18.20.2, >= 19.0.0, < 20.12.2, >= 21.0.0, < 21.7.3NVD

@now/php

NPM

= *, < 8.1.28, >= 8.2.0, < 8.2.18, >= 8.3.0, < 8.3.6NVD

Security Advisories

CVE-2024-3566

Description

More on this CVE