SiteShadow
Back to vulnerability library
Detected byCWE-aware static analysisPro

CWE-95 Eval Injection

Coverage: 15 rules in the SiteShadow rule registry target this CWE (registry v2.0.0). Regex 15 Also: Taint and heuristic analyzers may also detect related flows (see coverage for the authoritative list) Registry tagging shows intent, for sample-level behaviour and benchmarked gaps see known gaps.

What this means

SiteShadow flagged code that evaluates untrusted input using an "eval-like" mechanism (direct eval, expression evaluation, dynamic language execution).

Why it matters

Eval injection can lead to arbitrary code execution.

Safer examples

1) Don't eval user input

# Bad: eval(user_expr)
# Good: parse a known format and validate
n = int(user_input)

2) Use allowlists for supported operations

If you need "expressions," implement a tiny allowlisted parser rather than eval.

3) Isolate high-risk evaluation

If evaluation is unavoidable, sandbox it aggressively and remove access to filesystem/network (still risky).

How SiteShadow detects it (high level)

References

---

← Back to Vulnerability Library

Catch this with SiteShadow Pro.

This vulnerability class is detected by SiteShadow's Pro-tier engines, two-pass interprocedural taint analysis, heuristic flow checks, AI-context scanning, and cross-file detection. The free tier catches OWASP Top 10 single-file patterns; Pro adds the data-flow depth that finds this class of bug.