CVE-2018-8097

io/mongo/parser.py in Eve (aka pyeve) before 0.7.5 allows remote attackers to execute arbitrary code via Code Injection in the where parameter.
Configurations

Configuration 1 (hide)

cpe:2.3:a:python-eve:eve:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-03-14 12:29

Updated : 2024-02-28 16:25


NVD link : CVE-2018-8097

Mitre link : CVE-2018-8097

CVE.ORG link : CVE-2018-8097


JSON object : View

Products Affected

python-eve

  • eve
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')