Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

process_library

Source -

NVDADP

CNA CVEs -

0

ADP CVEs -

1

CISA CVEs -

0

NVD CVEs -

1
Related CVEsRelated VendorsRelated AssignersReports
1Vulnerabilities found
CVE-2024-3566
Assigner-CERT/CC
ShareView Details
Assigner-CERT/CC
CVSS Score-9.8||CRITICAL
EPSS-5.35% / 89.85%
||
7 Day CHG~0.00%
Published-10 Apr, 2024 | 15:22
Updated-18 Nov, 2025 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Command injection vulnerability in programing languages on Microsoft Windows operating system.

A command inject vulnerability allows an attacker to perform command injection on Windows applications that indirectly depend on the CreateProcess function when the specific conditions are satisfied.

Action-Not Available
Vendor-rust-langyt-dlp_projecthaskellGo Programming LanguageHaskell Programming Languagerust-langyt-dlp_projecthaskellthephpgroupNode.js (OpenJS Foundation)The PHP GroupGoMicrosoft Corporation
Product-process_libraryyt-dlpgowindowsnode.jsphprustGoLangHaskelNode.jsnodejsthephpgroupyt-dlpprocess_libraryrust
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')