CVE-2024-3566

Name
CVE-2024-3566
Description
A command inject vulnerability allows an attacker to perform command injection on Windows applications that indirectly depend on the CreateProcess function when the specific conditions are satisfied.
NVD Severity
unknown
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
cret@cert.org https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/
cret@cert.org https://kb.cert.org/vuls/id/123335
cret@cert.org https://learn.microsoft.com/en-us/archive/blogs/twistylittlepassagesallalike/everyone-quotes-command-line-arguments-the-wrong-way
cret@cert.org https://www.cve.org/CVERecord?id=CVE-2024-1874
cret@cert.org https://www.cve.org/CVERecord?id=CVE-2024-22423
cret@cert.org https://www.cve.org/CVERecord?id=CVE-2024-24576
cret@cert.org https://www.kb.cert.org/vuls/id/123335
af854a3a-2127-422b-91ae-364da2661108 https://github.com/nu11secur1ty/Windows11Exploits/tree/main/2024/CVE-2024-3566

Match rules

CPE URI Source package Min version Max version
node.js == * == None
golang == * == None
haskel == * == None

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
yt-dlp edge-community 2025.11.12-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2025.10.22-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2025.10.14-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2025.09.26-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2025.09.23-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2025.09.05-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2025.08.27-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2025.08.22-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2025.08.20-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2025.08.11-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2025.07.21-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2025.06.30-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2025.06.25-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2025.06.09-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2025.05.22-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2025.04.30-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2025.03.31-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2025.03.27-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2025.03.25-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2025.03.21-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2025.02.19-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2025.01.26-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2025.01.15-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2025.01.12-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2024.12.23-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2024.12.13-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2024.12.06-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2024.12.03-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2024.07.01-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2023.11.14-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2023.09.24-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2023.07.06-r1 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 2023.07.06-r0 Lauren N. Liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp edge-community 0-r0 None possibly vulnerable
yt-dlp 3.22-community 2025.10.22-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp 3.22-community 2025.10.14-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp 3.22-community 2025.09.26-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp 3.22-community 2025.09.23-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp 3.22-community 2025.08.27-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp 3.22-community 2025.08.22-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp 3.22-community 2025.03.31-r0 lauren n. liberda <lauren@selfisekai.rocks> possibly vulnerable
yt-dlp 3.22-community 2024.07.01-r0 None possibly vulnerable
yt-dlp 3.22-community 2023.11.14-r0 None possibly vulnerable
yt-dlp 3.22-community 2023.07.06-r0 None possibly vulnerable
yt-dlp 3.22-community 0-r0 None possibly vulnerable
nodejs 3.22-main 20.15.1-r0 None possibly vulnerable
nodejs 3.22-main 20.12.1-r0 None possibly vulnerable
nodejs 3.22-main 18.18.2-r0 None possibly vulnerable
nodejs 3.22-main 18.17.1-r0 None possibly vulnerable
nodejs 3.22-main 18.14.1-r0 None possibly vulnerable
nodejs 3.22-main 18.12.1-r0 None possibly vulnerable
nodejs 3.22-main 16.17.1-r0 None possibly vulnerable
nodejs 3.22-main 16.13.2-r0 None possibly vulnerable
nodejs 3.22-main 14.18.1-r0 None possibly vulnerable
nodejs 3.22-main 14.17.6-r0 None possibly vulnerable
nodejs 3.22-main 14.17.5-r0 None possibly vulnerable
nodejs 3.22-main 14.17.4-r0 None possibly vulnerable
nodejs 3.22-main 14.16.1-r0 None possibly vulnerable
nodejs 3.22-main 14.16.0-r0 None possibly vulnerable
nodejs 3.22-main 14.15.5-r0 None possibly vulnerable
nodejs 3.22-main 14.15.4-r0 None possibly vulnerable
nodejs 3.22-main 14.15.1-r0 None possibly vulnerable
nodejs 3.22-main 12.18.4-r0 None possibly vulnerable
nodejs 3.22-main 12.18.0-r0 None possibly vulnerable
nodejs 3.22-main 12.15.0-r0 None possibly vulnerable
nodejs 3.22-main 10.16.3-r0 None possibly vulnerable
nodejs 3.22-main 10.15.3-r0 None possibly vulnerable
nodejs 3.22-main 10.14.0-r0 None possibly vulnerable
nodejs 3.22-main 8.11.4-r0 None possibly vulnerable
nodejs 3.22-main 8.11.3-r0 None possibly vulnerable
nodejs 3.22-main 8.11.0-r0 None possibly vulnerable
nodejs 3.22-main 8.9.3-r0 None possibly vulnerable
nodejs 3.22-main 6.11.5-r0 None possibly vulnerable
nodejs 3.22-main 6.11.1-r0 None possibly vulnerable
nodejs 3.21-main 20.15.1-r0 None possibly vulnerable
nodejs 3.21-main 20.12.1-r0 None possibly vulnerable
nodejs 3.21-main 18.18.2-r0 None possibly vulnerable
nodejs 3.21-main 18.17.1-r0 None possibly vulnerable
nodejs 3.21-main 18.14.1-r0 None possibly vulnerable
nodejs 3.21-main 18.12.1-r0 None possibly vulnerable
nodejs 3.21-main 16.17.1-r0 None possibly vulnerable
nodejs 3.21-main 16.13.2-r0 None possibly vulnerable
nodejs 3.21-main 14.18.1-r0 None possibly vulnerable
nodejs 3.21-main 14.17.6-r0 None possibly vulnerable
nodejs 3.21-main 14.17.5-r0 None possibly vulnerable
nodejs 3.21-main 14.17.4-r0 None possibly vulnerable
nodejs 3.21-main 14.16.1-r0 None possibly vulnerable
nodejs 3.21-main 14.16.0-r0 None possibly vulnerable
nodejs 3.21-main 14.15.5-r0 None possibly vulnerable
nodejs 3.21-main 14.15.4-r0 None possibly vulnerable
nodejs 3.21-main 14.15.1-r0 None possibly vulnerable
nodejs 3.21-main 12.18.4-r0 None possibly vulnerable
nodejs 3.21-main 12.18.0-r0 None possibly vulnerable
nodejs 3.21-main 12.15.0-r0 None possibly vulnerable
nodejs 3.21-main 10.16.3-r0 None possibly vulnerable
nodejs 3.21-main 10.15.3-r0 None possibly vulnerable
nodejs 3.21-main 10.14.0-r0 None possibly vulnerable
nodejs 3.21-main 8.11.4-r0 None possibly vulnerable
nodejs 3.21-main 8.11.3-r0 None possibly vulnerable
nodejs 3.21-main 8.11.0-r0 None possibly vulnerable
nodejs 3.21-main 8.9.3-r0 None possibly vulnerable
nodejs 3.21-main 6.11.5-r0 None possibly vulnerable
nodejs 3.21-main 6.11.1-r0 None possibly vulnerable
nodejs 3.20-main 20.15.1-r0 Jakub Jirutka <jakub@jirutka.cz> possibly vulnerable
nodejs 3.20-main 20.13.1-r0 Jakub Jirutka <jakub@jirutka.cz> possibly vulnerable
nodejs 3.20-main 20.12.1-r0 None possibly vulnerable
nodejs 3.20-main 18.18.2-r0 None possibly vulnerable
nodejs 3.20-main 18.17.1-r0 None possibly vulnerable
nodejs 3.20-main 18.14.1-r0 None possibly vulnerable
nodejs 3.20-main 18.12.1-r0 None possibly vulnerable
nodejs 3.20-main 16.17.1-r0 None possibly vulnerable
nodejs 3.20-main 16.13.2-r0 None possibly vulnerable
nodejs 3.20-main 14.18.1-r0 None possibly vulnerable
nodejs 3.20-main 14.17.6-r0 None possibly vulnerable
nodejs 3.20-main 14.17.5-r0 None possibly vulnerable
nodejs 3.20-main 14.17.4-r0 None possibly vulnerable
nodejs 3.20-main 14.16.1-r0 None possibly vulnerable
nodejs 3.20-main 14.16.0-r0 None possibly vulnerable
nodejs 3.20-main 14.15.5-r0 None possibly vulnerable
nodejs 3.20-main 14.15.4-r0 None possibly vulnerable
nodejs 3.20-main 14.15.1-r0 None possibly vulnerable
nodejs 3.20-main 12.18.4-r0 None possibly vulnerable
nodejs 3.20-main 12.18.0-r0 None possibly vulnerable
nodejs 3.20-main 12.15.0-r0 None possibly vulnerable
nodejs 3.20-main 10.16.3-r0 None possibly vulnerable
nodejs 3.20-main 10.15.3-r0 None possibly vulnerable
nodejs 3.20-main 10.14.0-r0 None possibly vulnerable
nodejs 3.20-main 8.11.4-r0 None possibly vulnerable
nodejs 3.20-main 8.11.3-r0 None possibly vulnerable
nodejs 3.20-main 8.11.0-r0 None possibly vulnerable
nodejs 3.20-main 8.9.3-r0 None possibly vulnerable
nodejs 3.20-main 6.11.5-r0 None possibly vulnerable
nodejs 3.20-main 6.11.1-r0 None possibly vulnerable
nodejs 3.19-main 20.15.1-r0 Jakub Jirutka <jakub@jirutka.cz> possibly vulnerable
nodejs 3.19-main 20.12.1-r0 Jakub Jirutka <jakub@jirutka.cz> possibly vulnerable
nodejs 3.19-main 20.11.1-r0 Jakub Jirutka <jakub@jirutka.cz> possibly vulnerable
nodejs 3.19-main 20.11.0-r0 Jakub Jirutka <jakub@jirutka.cz> possibly vulnerable
nodejs 3.19-main 20.10.0-r1 Jakub Jirutka <jakub@jirutka.cz> possibly vulnerable
nodejs 3.19-main 20.10.0-r0 Jakub Jirutka <jakub@jirutka.cz> possibly vulnerable
nodejs 3.19-main 18.18.2-r0 None possibly vulnerable
nodejs 3.19-main 18.17.1-r0 None possibly vulnerable
nodejs 3.19-main 18.14.1-r0 None possibly vulnerable
nodejs 3.19-main 18.12.1-r0 None possibly vulnerable
nodejs 3.19-main 16.17.1-r0 None possibly vulnerable
nodejs 3.19-main 16.13.2-r0 None possibly vulnerable
nodejs 3.19-main 14.18.1-r0 None possibly vulnerable
nodejs 3.19-main 14.17.6-r0 None possibly vulnerable
nodejs 3.19-main 14.17.5-r0 None possibly vulnerable
nodejs 3.19-main 14.17.4-r0 None possibly vulnerable
nodejs 3.19-main 14.16.1-r0 None possibly vulnerable
nodejs 3.19-main 14.16.0-r0 None possibly vulnerable
nodejs 3.19-main 14.15.5-r0 None possibly vulnerable
nodejs 3.19-main 14.15.4-r0 None possibly vulnerable
nodejs 3.19-main 14.15.1-r0 None possibly vulnerable
nodejs 3.19-main 12.18.4-r0 None possibly vulnerable
nodejs 3.19-main 12.18.0-r0 None possibly vulnerable
nodejs 3.19-main 12.15.0-r0 None possibly vulnerable
nodejs 3.19-main 10.16.3-r0 None possibly vulnerable
nodejs 3.19-main 10.15.3-r0 None possibly vulnerable
nodejs 3.19-main 10.14.0-r0 None possibly vulnerable
nodejs 3.19-main 8.11.4-r0 None possibly vulnerable
nodejs 3.19-main 8.11.3-r0 None possibly vulnerable
nodejs 3.19-main 8.11.0-r0 None possibly vulnerable
nodejs 3.19-main 8.9.3-r0 None possibly vulnerable
nodejs 3.19-main 6.11.5-r0 None possibly vulnerable
nodejs 3.19-main 6.11.1-r0 None possibly vulnerable
go edge-community 1.25.3-r0 Achill Gilgenast <achill@achill.org> possibly vulnerable
go edge-community 1.25.2-r0 Achill Gilgenast <achill@achill.org> possibly vulnerable
go edge-community 1.25.1-r0 Achill Gilgenast <achill@achill.org> possibly vulnerable
go edge-community 1.25.0-r0 Achill Gilgenast <achill@achill.org> possibly vulnerable
go edge-community 1.24.6-r1 Achill Gilgenast <achill@achill.org> possibly vulnerable
go edge-community 1.24.6-r0 fossdd <fossdd@pwned.life> possibly vulnerable
go edge-community 1.24.5-r1 fossdd <fossdd@pwned.life> possibly vulnerable
go edge-community 1.24.5-r0 fossdd <fossdd@pwned.life> possibly vulnerable
go edge-community 1.24.4-r0 fossdd <fossdd@pwned.life> possibly vulnerable
go edge-community 1.24.3-r1 None possibly vulnerable
go edge-community 1.24.3-r0 Sören Tempel <soeren+alpine@soeren-tempel.net> possibly vulnerable
go edge-community 1.24.2-r1 Sören Tempel <soeren+alpine@soeren-tempel.net> possibly vulnerable
go edge-community 1.24.2-r0 Sören Tempel <soeren+alpine@soeren-tempel.net> possibly vulnerable
go edge-community 1.24.1-r1 Sören Tempel <soeren+alpine@soeren-tempel.net> possibly vulnerable
go edge-community 1.24.1-r0 Sören Tempel <soeren+alpine@soeren-tempel.net> possibly vulnerable
go edge-community 1.24.0-r0 Sören Tempel <soeren+alpine@soeren-tempel.net> possibly vulnerable
go edge-community 1.23.6-r0 Sören Tempel <soeren+alpine@soeren-tempel.net> possibly vulnerable
go edge-community 1.23.5-r0 Sören Tempel <soeren+alpine@soeren-tempel.net> possibly vulnerable
go edge-community 1.23.4-r0 Sören Tempel <soeren+alpine@soeren-tempel.net> possibly vulnerable
go edge-community 1.23.3-r0 Sören Tempel <soeren+alpine@soeren-tempel.net> possibly vulnerable
go 3.22-community 1.24.10-r0 None possibly vulnerable
go 3.22-community 1.24.9-r0 None possibly vulnerable
go 3.22-community 1.24.8-r0 None possibly vulnerable
go 3.22-community 1.24.7-r0 None possibly vulnerable
go 3.22-community 1.24.6-r0 None possibly vulnerable
go 3.22-community 1.24.4-r0 None possibly vulnerable
go 3.22-community 1.24.3-r0 None possibly vulnerable
go 3.22-community 1.24.2-r0 None possibly vulnerable
go 3.22-community 1.24.1-r0 None possibly vulnerable
go 3.22-community 1.23.9-r0 Sören Tempel <soeren+alpine@soeren-tempel.net> possibly vulnerable
go 3.22-community 1.23.6-r0 None possibly vulnerable
go 3.22-community 1.23.5-r0 None possibly vulnerable
go 3.22-community 1.23.1-r0 None possibly vulnerable
go 3.22-community 1.22.5-r0 None possibly vulnerable
go 3.22-community 1.22.4-r0 None possibly vulnerable
go 3.22-community 1.22.3-r0 None possibly vulnerable
go 3.22-community 1.22.2-r0 None possibly vulnerable
go 3.22-community 1.22.1-r0 None possibly vulnerable
go 3.22-community 1.21.5-r0 None possibly vulnerable
go 3.22-community 1.21.3-r0 None possibly vulnerable
go 3.22-community 1.21.2-r0 None possibly vulnerable
go 3.22-community 1.21.1-r0 None possibly vulnerable
go 3.22-community 1.20.7-r0 None possibly vulnerable
go 3.22-community 1.20.6-r0 None possibly vulnerable
go 3.22-community 1.20.5-r0 None possibly vulnerable
go 3.22-community 1.20.4-r0 None possibly vulnerable
go 3.22-community 1.20.3-r0 None possibly vulnerable
go 3.22-community 1.20.2-r0 None possibly vulnerable
go 3.22-community 1.20.1-r0 None possibly vulnerable
go 3.22-community 1.19.4-r0 None possibly vulnerable
go 3.22-community 1.19.2-r0 None possibly vulnerable
go 3.22-community 1.19.1-r0 None possibly vulnerable
go 3.22-community 1.18.5-r0 None possibly vulnerable
go 3.22-community 1.18.4-r0 None possibly vulnerable
go 3.22-community 1.18.1-r0 None possibly vulnerable
go 3.22-community 1.17.8-r0 None possibly vulnerable
go 3.22-community 1.17.7-r0 None possibly vulnerable
go 3.22-community 1.17.6-r0 None possibly vulnerable
go 3.22-community 1.17.3-r0 None possibly vulnerable
go 3.22-community 1.17.2-r0 None possibly vulnerable
go 3.22-community 1.17.1-r0 None possibly vulnerable
go 3.22-community 1.17-r0 None possibly vulnerable
go 3.22-community 1.16.7-r0 None possibly vulnerable
go 3.22-community 1.16.6-r0 None possibly vulnerable
go 3.22-community 1.16.5-r0 None possibly vulnerable
go 3.22-community 1.16.4-r0 None possibly vulnerable
go 3.22-community 1.16.2-r0 None possibly vulnerable
go 3.22-community 1.15.7-r0 None possibly vulnerable
go 3.22-community 1.15.5-r0 None possibly vulnerable
go 3.22-community 1.15.2-r0 None possibly vulnerable
go 3.22-community 1.15-r0 None possibly vulnerable
go 3.22-community 1.14.5-r0 None possibly vulnerable
go 3.22-community 1.13.7-r0 None possibly vulnerable
go 3.22-community 1.13.2-r0 None possibly vulnerable
go 3.22-community 1.13.1-r0 None possibly vulnerable
go 3.22-community 1.12.8-r0 None possibly vulnerable
go 3.22-community 1.11.5-r0 None possibly vulnerable
go 3.22-community 1.9.4-r0 None possibly vulnerable