23 matches found
CVE-2020-36377
CVE-2020-36377 affects shenzhim aaptjs 1.3.1. The dump function is exploitable to execute arbitrary code via the filePath parameter, with the CVSSv3.1 impact listed as CRITICAL (9.8) and network attack vector. The available documents consistently describe remote code execution in the dump functio...
CVE-2020-36376
An issue was discovered in the list function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath parameters...
CVE-2020-36376
CVE-2020-36376 affects shenzhim aaptjs 1.3.1 (node wrapper for aapt). The list function accepts a filePath parameter that can be exploited to execute arbitrary code, enabling RCE. Public sources (NVD and other aggregations) assign a high/critical impact with network attack vector and no user inte...