Lucene search
K
Aaptjs ProjectAaptjs

7 matches found

CVE
CVE
added 2021/10/31 7:51 p.m.73 views

CVE-2020-36379

CVE-2020-36379 affects shenzhim aaptjs 1.3.1 where the remove function is vulnerable. The evidence consistently states that an attacker can trigger remote code execution by supplying crafted filePath parameters, enabling arbitrary code execution via a network vector. Several connected records (Re...

9.8CVSS9.7AI score0.0181EPSS
CVE
CVE
added 2021/10/31 7:51 p.m.58 views

CVE-2020-36378

CVE-2020-36378 affects shenzhim aaptjs 1.3.1, where the packageCmd function allows remote arbitrary code execution via filePath parameters. The issue enables an attacker to execute arbitrary code and is rated with high/critical impact (CVSS v3.1: 9.8) with network access and no privileges require...

9.8CVSS9.7AI score0.0181EPSS
CVE
CVE
added 2021/10/31 7:51 p.m.54 views

CVE-2020-36376

CVE-2020-36376 affects shenzhim aaptjs 1.3.1 (node wrapper for aapt). The list function accepts a filePath parameter that can be exploited to execute arbitrary code, enabling RCE. Public sources (NVD and other aggregations) assign a high/critical impact with network attack vector and no user inte...

9.8CVSS9.7AI score0.0181EPSS
CVE
CVE
added 2021/10/31 7:51 p.m.54 views

CVE-2020-36381

Vulnerability details (CVE-2020-36381): In shenzhim aaptjs v1.3.1, the singleCrunch function allows arbitrary code execution via the filePath parameter. This node wrapper for aapt is reported to be vulnerable across multiple sources (NVD entry and vendor/advisories). Affected component: singleCru...

9.8CVSS9.7AI score0.0181EPSS
CVE
CVE
added 2021/10/31 7:51 p.m.53 views

CVE-2020-36377

CVE-2020-36377 affects shenzhim aaptjs 1.3.1. The dump function is exploitable to execute arbitrary code via the filePath parameter, with the CVSSv3.1 impact listed as CRITICAL (9.8) and network attack vector. The available documents consistently describe remote code execution in the dump functio...

9.8CVSS9.7AI score0.0181EPSS
CVE
CVE
added 2021/10/31 7:51 p.m.52 views

CVE-2020-36380

CVE-2020-36380 : In shenzhim aaptjs 1.3.1, the crunch function accepts unvalidated filePath parameters, enabling arbitrary code execution. Multiple sources (NVD entry and linked advisories) describe remote code execution via this parameter, with CVSS v3.1 base score 9.8 (CRITICAL) and CVSS v2.0 b...

9.8CVSS9.7AI score0.02115EPSS
CVE
CVE
added 2021/10/31 7:51 p.m.46 views

CVE-2020-26707

CVE-2020-26707 affects Shenzhim AAPTJS 1.3.1. The issue lies in the add function, where the filePath parameter can be manipulated to execute arbitrary code. Public sources in the dataset corroborate a high-severity, network-exposed flaw with depicted impact on confidentiality, integrity, and avai...

9.8CVSS9.7AI score0.0181EPSS