VYPR

CWE-627

Dynamic Variable Evaluation

Abstraction: Variant · Status: Incomplete

Description

In a language where the user can influence the name of a variable at runtime, if the variable names are not controlled, an attacker can read or write to arbitrary variables, or access arbitrary functions.

The resultant vulnerabilities depend on the behavior of the application, both at the crossover point and in any control/data flow that is reachable by the related variables or functions.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (3)

  • CVE-2025-55346 · Critical · Aug 14, 2025
    risk 0.64 · cvss 9.8 · epss 0.17

    User-controlled input flows to an unsafe implementation of a dynamic Function constructor, allowing network attackers to run arbitrary unsandboxed JS code in the context of the host, by sending a simple POST request.

  • CVE-2026-2415 · Feb 16, 2026
    risk 0.00 · cvss n/a · epss 0.00

    Emails sent by pretix can utilize placeholders that will be filled with customer data. For example, when {name} is used in an email template, it will be replaced with the buyer's name for the final email. This mechanism contained two security-relevant bugs: * It was…

  • CVE-2024-8953 · Mar 20, 2025
    risk 0.00 · cvss n/a · epss 0.01

    In composiohq/composio version 0.4.3, the mathematical_calculator endpoint uses the unsafe eval() function to perform mathematical operations. This can lead to arbitrary code execution if untrusted input is passed to the eval() function.