Description
An issue was discovered in the packageCmd function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters.
Remediation
References
https://github.com/shenzhim/aaptjs/issues/2
Related Vulnerabilities
CVE-2023-3635 Vulnerability in maven package com.squareup.okio:okio
CVE-2023-37961 Vulnerability in maven package org.jenkins-ci.plugins:assembla-auth
CVE-2022-28355 Vulnerability in maven package org.scala-js:scalajs-library_2.13
CVE-2020-7680 Vulnerability in maven package org.webjars.npm:docsify
CVE-2021-26073 Vulnerability in npm package atlassian-connect-express