Description
An issue was discovered in the singleCrunch function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters.
Remediation
References
https://github.com/shenzhim/aaptjs/issues/2
Related Vulnerabilities
CVE-2021-23358 Vulnerability in maven package org.webjars.bowergithub.jashkenas:underscore
CVE-2022-39299 Vulnerability in npm package node-saml
CVE-2022-40084 Vulnerability in maven package org.opencrx:opencrx-core
CVE-2019-10776 Vulnerability in npm package git-diff-apply
CVE-2023-30520 Vulnerability in maven package org.jenkins-ci.plugins:quayio-trigger