<p>Upgrade <code>Eve</code> to version 2.0.4 or higher.</p>

Incorrect Type Conversion or Cast Affecting eve package, versions [,2.0.4)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk ID SNYK-PYTHON-EVE-5891053
published 10 Sep 2023
disclosed 1 Sep 2023
credit Unknown

Report a new vulnerability Found a mistake?

Introduced: 1 Sep 2023

CWE-704 Open this link in a new tab

How to fix?

Upgrade Eve to version 2.0.4 or higher.

Overview

Affected versions of this package are vulnerable to Incorrect Type Conversion or Cast where different types are compared, leading to an invalid state. This issue makes the nested code block non-executable, producing invalid data.

References

GitHub Commit

CVSS Scores

version 3.1

Attack Vector (AV)

Network
Attack Complexity (AC)

Low
Privileges Required (PR)

None
User Interaction (UI)

None

Scope (S)

Unchanged

Confidentiality (C)

None
Integrity (I)

Low
Availability (A)

None

Incorrect Type Conversion or Cast Affecting eve package, versions [,2.0.4)

Severity

CVSS assessment made by Snyk's Security Team

Introduced: 1 Sep 2023

How to fix?

Overview

References

CVSS Scores

Snyk