CVE-2024-36138 | Node.js up to 18.20.3/20.15.0/22.4.0 on Windows Incomplete Fix CVE-2024-27980 child_process.spawn/child_process.spawnSync command injection

Çağlar Arlı - 8 Views

CVE-2024-36138 | Node.js up to 18.20.3/20.15.0/22.4.0 on Windows Incomplete Fix CVE-2024-27980 child_process.spawn/child_process.spawnSync command injection

A vulnerability, which was classified as critical, has been found in Node.js up to 18.20.3/20.15.0/22.4.0 on Windows. Affected by this issue is the function child_process.spawn/child_process.spawnSync of the component Incomplete Fix CVE-2024-27980. The manipulation leads to command injection. This vulnerability is handled as CVE-2024-36138. The attack may be launched remotely. There is no exploit available.

P	S	Ç	P	C	C	P
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30

Annanowa

CVE-2024-36138 | Node.js up to 18.20.3/20.15.0/22.4.0 on Windows Incomplete Fix CVE-2024-27980 child_process.spawn/child_process.spawnSync command injection

CVE-2024-36138 | Node.js up to 18.20.3/20.15.0/22.4.0 on Windows Incomplete Fix CVE-2024-27980 child_process.spawn/child_process.spawnSync command injection

Son Yazılar

Son Yorumlar