CVE-2018-8097: Eve allows execution of arbitrary code

Severity: Critical

CVSS Score: 9.8

io/mongo/parser.py in Eve (aka pyeve) before 0.7.5 allows remote attackers to execute arbitrary code via Code Injection in the where parameter.