Description

A command inject vulnerability allows an attacker to perform command injection on Windows applications that indirectly depend on the CreateProcess function when the specific conditions are satisfied.

INFO

Published Date :

2024-04-10T15:22:56.099Z

Last Modified :

2025-11-18T17:35:41.547Z

Source :

certcc
AFFECTED PRODUCTS

The following products are affected by CVE-2024-3566 vulnerability.

Vendors Products
Golang
  • Go
Haskell
  • Process Library
Microsoft
  • Windows
Nodejs
  • Node.js
  • Nodejs
Php
  • Php
Rust-lang
  • Rust
Thephpgroup
  • Thephpgroup
Yt-dlp Project
  • Yt-dlp

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact