WEB APPLICATION VULNERABILITIES SCA (Software Composition Analysis)

CVE-2020-36377 Vulnerability in npm package aaptjs

Description

An issue was discovered in the dump function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters.

Remediation

References

https://github.com/shenzhim/aaptjs/issues/2

Related Vulnerabilities

CVE-2021-41183 Vulnerability in maven package org.webjars.bower:jquery-ui

CVE-2021-22096 Vulnerability in maven package org.springframework:spring-webflux

CVE-2020-13822 Vulnerability in npm package elliptic

CVE-2022-25844 Vulnerability in npm package angular

CVE-2020-9495 Vulnerability in maven package org.apache.archiva:archiva

Severity

Critical

Classification

CWE-78 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Exploit Issue Tracking Third Party Advisory