Description
An issue was discovered in the packageCmd function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters.
Remediation
References
https://github.com/shenzhim/aaptjs/issues/2
Related Vulnerabilities
CVE-2020-28435 Vulnerability in npm package ffmpeg-sdk
CVE-2020-5259 Vulnerability in npm package dojox
CVE-2018-20094 Vulnerability in maven package com.xuxueli:xxl-conf
CVE-2022-40152 Vulnerability in maven package com.fasterxml.woodstox:woodstox-core
CVE-2022-22965 Vulnerability in maven package org.springframework.boot:spring-boot-starter-webflux