Description
An issue was discovered in the remove function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters.
Remediation
References
https://github.com/shenzhim/aaptjs/issues/2
Related Vulnerabilities
CVE-2022-2390 Vulnerability in maven package com.google.android.gms:play-services-basement
CVE-2020-7597 Vulnerability in npm package codecov
CVE-2017-16091 Vulnerability in npm package xtalk
CVE-2022-24279 Vulnerability in npm package madlib-object-utils
CVE-2021-45105 Vulnerability in maven package org.apache.logging.log4j:log4j-core