Description
An issue was discovered in the remove function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters.
Remediation
References
https://github.com/shenzhim/aaptjs/issues/2
Related Vulnerabilities
CVE-2020-28436 Vulnerability in npm package google-cloudstorage-commands
CVE-2019-5427 Vulnerability in maven package c3p0:c3p0
CVE-2022-34115 Vulnerability in maven package io.dataease:dataease-plugin-common
CVE-2020-36185 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind
CVE-2023-29215 Vulnerability in maven package org.apache.linkis:linkis-common