Description
An issue was discovered in the crunch function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters.
Remediation
References
https://github.com/shenzhim/aaptjs/issues/2
Related Vulnerabilities
CVE-2021-23639 Vulnerability in npm package md-to-pdf
CVE-2022-31108 Vulnerability in maven package org.webjars.bower:mermaid
CVE-2023-22899 Vulnerability in maven package net.lingala.zip4j:zip4j
CVE-2022-39353 Vulnerability in maven package org.webjars.npm:xmldom
CVE-2021-4307 Vulnerability in maven package org.webjars.npm:baobab