Description
An issue was discovered in the crunch function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters.
Remediation
References
https://github.com/shenzhim/aaptjs/issues/2
Related Vulnerabilities
CVE-2021-21353 Vulnerability in maven package org.webjars.npm:pug
CVE-2021-40663 Vulnerability in npm package deep.assign
CVE-2020-5243 Vulnerability in npm package uap-core
CVE-2023-29213 Vulnerability in maven package org.xwiki.platform:xwiki-platform-logging-script
CVE-2022-25312 Vulnerability in maven package org.apache.any23:apache-any23