
CWE-95 Improper Neutralization of Directives in Dynamically Evaluated Code (Eval Injection): vulnerability list (114)

Summary of the 114 CVE vulnerabilities associated with the CWE-95 weakness class, Improper Neutralization of Directives in Dynamically Evaluated Code (Eval Injection), with AI-generated Chinese analysis.

CWE-95 is a code-injection weakness: the program receives input from an upstream component and, without properly neutralizing code syntax, passes it straight to a dynamic evaluation call such as eval. An attacker typically crafts malicious input that makes the program execute arbitrary code, gaining control of the system or stealing data. Developers should avoid dynamic evaluation functions altogether; where they are unavoidable, input must be validated against a strict allowlist or have its special characters escaped, so that only the expected, safe code fragments can ever be executed and injection is cut off at the source.

MITRE CWE official description
CWE: CWE-95 Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
Description: The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes code syntax before using the input in a dynamic evaluation call (e.g. "eval").
Common consequences (5)
Confidentiality: Read Files or Directories, Read Application Data
  The injected code could access restricted data / files.
Access Control: Bypass Protection Mechanism
  In some cases, injectable code controls authentication; this may lead to a remote vulnerability.
Access Control: Gain Privileges or Assume Identity
  Injected code can access resources that the attacker is directly prevented from accessing.
Integrity, Confidentiality, Availability, Other: Execute Unauthorized Code or Commands
  Code injection attacks can lead to loss of data integrity in nearly all cases as the control-plane data injected is always incidental to data recall or writing. Additionally, code injection can often result in the execution of arbitrary code or at least modify what code can be executed.
Non-Repudiation: Hide Activities
  Often the actions performed by injected control code are unlogged.
Mitigations (4)
Phase: Architecture and Design, Implementation
  If possible, refactor your code so that it does not need to use eval() at all.
Phase: Implementation
  Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. When performing input validation, consider all potentially relevant properties, including length, type of input, the full range…
Phase: Implementation
  Inputs should be decoded and canonicalized to the application's current internal representation before being validated (CWE-180, CWE-181). Make sure that your application does not inadvertently decode the same input twice (CWE-174). Such errors could be used to bypass allowlist schemes by introducing dangerous inputs after they have been checked. Use libraries such as the OWASP ESAPI Canonicalizat…
Phase: Implementation
  For Python programs, it is frequently encouraged to use the ast.literal_eval() function instead of eval, since it is intentionally designed to avoid executing code. However, an adversary could still cause excessive memory or stack consumption via deeply nested structures [REF-1372], so the Python documentation discourages use of ast.literal_eval() on untrusted data [REF-1373].
  Effectiveness: Discouraged Common Practice
Code examples (2)

Example 1 (Bad · Perl). edit-config.pl: This CGI script is used to modify settings in a configuration file.

    use CGI qw(:standard);

    sub config_file_add_key {
        my ($fname, $key, $arg) = @_;
        # code to add a field/key to a file goes here
    }

    sub config_file_set_key {
        my ($fname, $key, $arg) = @_;
        # code to set key to a particular file goes here
    }

    sub config_file_delete_key {
        my ($fname, $key, $arg) = @_;
        # code to delete key from a particular file goes here
    }

    sub handleConfigAction {
        my ($fname, $action) = @_;
        my $key = param('key');
        my $val = param('val');

        # this is super-efficient code, especially if you have to invoke
        # any one of dozens of different functions!
        # The request-controlled 'action' value is interpolated into source
        # text that is then handed to eval(): this is the CWE-95 flaw.
        my $code = "config_file_${action}_key(\$fname, \$key, \$val);";
        eval($code);
    }

    $configfile = "/home/cwe/config.txt";
    print header;
    if (defined(param('action'))) {
        handleConfigAction($configfile, param('action'));
    }
    else {
        print "No action specified!\n";
    }

Attack input (value of the action parameter):

    add_key(",","); system("/bin/ls");

Example 2 (Bad · Python). This simple python3 script asks a user to supply a comma-separated list of numbers as input and adds them together.

    def main():
        total = 0
        try:
            # eval() executes whatever expression the user typed: CWE-95
            numbers = eval(input("Enter a comma-separated list of numbers: "))
        except SyntaxError:
            print("Error: invalid input")
            return
        for num in numbers:
            total = total + num
        print(f"Sum of {numbers} = {total}")

    main()

Attack input:

    __import__('subprocess').getoutput('rm -r *')
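The hardened counterpart of the Python example above, written as an added example for this page (it is not MITRE's demonstrative code). The same comma-separated-numbers input is handled two ways: with a strict allowlist parser that never evaluates the input, and with ast.literal_eval guarded by a length cap and a nesting-depth limit, which covers the resource-exhaustion caveat raised in the mitigation list. The limits MAX_INPUT_LENGTH, MAX_ITEMS and MAX_DEPTH are assumed values chosen for the example, and the sample inputs are constructed.

```python
import ast
import re

# Constructed sample inputs: one benign list and the injection string that the
# page's Python example shows being executed by eval(). Here it is only parsed
# and rejected; it is never evaluated.
BENIGN_INPUT = "1, 2, 3.5, -4"
INJECTION_INPUT = "__import__('subprocess').getoutput('rm -r *')"

# Assumed limits for this example.
MAX_INPUT_LENGTH = 1024   # bounds parser work before any evaluation
MAX_ITEMS = 100           # bounds the number of fields accepted
MAX_DEPTH = 2             # deepest container nesting literal_eval may see

# Allowlist grammar for a single field: optional sign, ASCII digits, optional
# fraction. Exponents, 'inf', 'nan', underscores and anything else are rejected.
_NUMBER_RE = re.compile(r"^[+-]?([0-9]+(\.[0-9]*)?|\.[0-9]+)$")


def parse_numbers_strict(text: str) -> list[float]:
    """Accept-known-good parser: split on commas and convert each field with
    float() only after it matched the allowlist. The input is never handed to
    eval(), so an injection string fails validation instead of running."""
    if len(text) > MAX_INPUT_LENGTH:
        raise ValueError("input too long")
    fields = [f.strip() for f in text.split(",")]
    if len(fields) > MAX_ITEMS:
        raise ValueError(f"expected 1..{MAX_ITEMS} numbers")
    numbers = []
    for field in fields:
        if not _NUMBER_RE.match(field):
            raise ValueError(f"not a number: {field!r}")
        numbers.append(float(field))
    return numbers


def _max_depth(node: ast.AST, depth: int = 0) -> int:
    """Deepest nesting of container literals (list/tuple/set/dict) in a tree."""
    if isinstance(node, (ast.List, ast.Tuple, ast.Set, ast.Dict)):
        depth += 1
    return max([depth] + [_max_depth(c, depth) for c in ast.iter_child_nodes(node)])


def parse_numbers_literal(text: str) -> list[float]:
    """ast.literal_eval variant. The expression is parsed but never executed, so
    a call such as __import__(...) makes literal_eval raise ValueError. The
    length cap and the depth check run before evaluation, which is the guard the
    CWE entry says literal_eval itself lacks on deeply nested untrusted input."""
    if len(text) > MAX_INPUT_LENGTH:
        raise ValueError("input too long")
    try:
        tree = ast.parse(text, mode="eval")
    except (SyntaxError, RecursionError, MemoryError) as exc:
        raise ValueError("invalid input") from exc
    if _max_depth(tree) > MAX_DEPTH:
        raise ValueError("nested too deeply")
    value = ast.literal_eval(tree)
    items = list(value) if isinstance(value, (list, tuple)) else [value]
    if len(items) > MAX_ITEMS:
        raise ValueError(f"expected 1..{MAX_ITEMS} numbers")
    # bool is a subclass of int, so exclude it explicitly
    if not all(isinstance(v, (int, float)) and not isinstance(v, bool) for v in items):
        raise ValueError("only numbers are accepted")
    return [float(v) for v in items]


def sum_numbers(text: str) -> float:
    """The original script's purpose, built on the strict parser."""
    return sum(parse_numbers_strict(text))


def is_rejected(parser, text: str) -> bool:
    """True if the parser refuses the input with ValueError (nothing is executed)."""
    try:
        parser(text)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    try:
        print(sum_numbers(input("Enter a comma-separated list of numbers: ")))
    except ValueError as exc:
        print(f"Error: {exc}")
```

The strict parser is the one to prefer: its grammar is the whole attack surface, and a field that is not a decimal number cannot reach float(). The literal_eval variant exists to show what the extra guards have to look like if a team insists on keeping it, and why the mitigation list rates that practice as discouraged.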
CVE ID | Title | CVSS | Risk level | Published
CVE-2025-54322 | Xspeeder SXZOS security vulnerability — SXZOS | 10.0 | Critical | 2025-12-27
CVE-2025-66474 | XWiki Rendering security vulnerability — xwiki-rendering | 8.8 (AI) | High (AI) | 2025-12-10
CVE-2025-12140 | Simple SA Wirtualna Uczelnia security vulnerability — Wirtualna Uczelnia | 9.8 | - | 2025-11-27
CVE-2025-64496 | Open WebUI security vulnerability — open-webui | 7.3 | High | 2025-11-08
CVE-2025-61955 | F5 F5OS-A and F5 F5OS-C security vulnerability — F5OS - Appliance | 7.8 | High | 2025-10-15
CVE-2011-10033 | WordPress plugin is-human security vulnerability — is-human WordPress Plugin | 9.8 (AI) | Critical (AI) | 2025-10-15
CVE-2025-48868 | Horilla security vulnerability — horilla | 7.2 | High | 2025-09-24
CVE-2025-55728 | xwiki-pro-macros security vulnerability — xwiki-pro-macros | 10.0 | Critical | 2025-09-09
CVE-2025-55727 | xwiki-pro-macros security vulnerability — xwiki-pro-macros | 10.0 | Critical | 2025-09-09
CVE-2025-58365 | XWiki Contrib Mocca Calendar Application security vulnerability — application-blog | 8.8 (AI) | High (AI) | 2025-09-08
CVE-2025-8420 | WordPress plugin Request a Quote Form security vulnerability — Campus Directory – Faculty, Staff & Student Directory Plugin for WordPress | 8.1 | High | 2025-08-06
CVE-2013-10070 | PHP-Charts security vulnerability — PHP-Charts | 9.8 (AI) | Critical (AI) | 2025-08-05
CVE-2013-10051 | InstantCMS security vulnerability — InstantCMS | 9.8 | - | 2025-08-01
CVE-2025-3753 | Robot Operating System security vulnerability — Robot Operating System (ROS) | 7.8 | High | 2025-07-17
CVE-2024-41921 | Robot Operating System security vulnerability — Robot Operating System (ROS) | 7.8 | High | 2025-07-17
CVE-2024-41148 | Robot Operating System security vulnerability — Robot Operating System (ROS) | 7.8 | High | 2025-07-17
CVE-2024-39835 | Robot Operating System security vulnerability — Robot Operating System (ROS) | 7.8 | High | 2025-07-17
CVE-2024-39289 | Robot Operating System security vulnerability — Robot Operating System (ROS) | 7.8 | High | 2025-07-17
CVE-2025-6101 | letta-ai letta security vulnerability — letta | 5.5 | Medium | 2025-06-16
CVE-2025-49598 | conda forge ci-setup security vulnerability — conda-forge-ci-setup-feedstock | 9.8 (AI) | Critical (AI) | 2025-06-13
CVE-2025-4318 | Amplify Codegen UI security vulnerability — Amplify Studio | 6.4 (AI) | Medium (AI) | 2025-05-05
CVE-2025-32435 | Hydra security vulnerability — hydra | 2.6 | Low | 2025-04-15
CVE-2025-27603 | Confluence Migrator Application security vulnerability — application-confluence-migrator-pro | 9.1 | Critical | 2025-03-07
CVE-2025-24893 | XWiki Platform security vulnerability — xwiki-platform | 9.8 | Critical | 2025-02-20
CVE-2025-0868 | DocsGPT security vulnerability — DocsGPT | 9.8 | - | 2025-02-20
CVE-2024-10633 | WordPress plugin Quiz Maker Business, Developer, and Agency security vulnerability — Quiz Maker Developer | 7.3 | High | 2025-01-26
CVE-2024-8512 | WordPress plugin W3SPEEDSTER security vulnerability — W3SPEEDSTER | 9.1 | Critical | 2024-10-30
CVE-2024-45858 | Guardrails security vulnerability — guardrails | 7.8 | High | 2024-09-18
CVE-2024-45851 | MindsDB security vulnerability — mindsdb | 8.8 | High | 2024-09-12
CVE-2024-45850 | MindsDB security vulnerability — mindsdb | 8.8 | High | 2024-09-12

Entries marked (AI) carry the page's "AI" badge on their CVSS score and risk level; a "-" means the page gives no risk level for that entry.

CWE-95 (Improper Neutralization of Directives in Dynamically Evaluated Code (Eval Injection)) is a common weakness class; this platform lists 114 CVE vulnerabilities associated with it.