Description
An issue was discovered in the packageCmd function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters.
Remediation
References
https://github.com/shenzhim/aaptjs/issues/2
Related Vulnerabilities
CVE-2020-6461 Vulnerability in npm package electron
CVE-2020-1956 Vulnerability in maven package org.apache.kylin:kylin-core-common
CVE-2020-8131 Vulnerability in npm package yarn
CVE-2020-8570 Vulnerability in maven package io.kubernetes:client-java
CVE-2021-3597 Vulnerability in maven package io.undertow:undertow-core