EPSS
Percentile
72.4%
aaptjs is vulnerable to remote code execution. The vulnerability exists due to a lack of sanitization of the cmd user input allowing an attacker to inject maliciously craft code via the exec command in the promistify function.
cmd
exec
promistify
github.com/shenzhim/aaptjs/issues/2