5 matches found
CVE-2026-21892
Parsl is a Python parallel scripting library. A SQL Injection vulnerability exists in the parsl-visualize component of versions prior to 2026.01.05. The application constructs SQL queries using unsafe string formatting Python % operator with user-supplied input workflowid directly from URL routes...
CVE-2026-21892 Parsl Monitoring Visualization Vulnerable to SQL Injection
Parsl is a Python parallel scripting library. A SQL Injection vulnerability exists in the parsl-visualize component of versions prior to 2026.01.05. The application constructs SQL queries using unsafe string formatting Python % operator with user-supplied input workflowid directly from URL routes...
CVE-2026-21892
CVE-2026-21892 affects Parsl (Python parallel scripting library) in the parsl-visualize component. Versions prior to 2026.01.05 construct SQL queries using unsafe Python % formatting with user-supplied input (workflow_id) sourced from URL routes, enabling SQL injection by an unauthenticated attac...
PT-2026-2123
Name of the Vulnerable Software and Affected Versions Parsl versions prior to 2026.01.05 Description A SQL Injection issue exists in the parsl-visualize component. The application builds SQL queries using unsafe string formatting with user-supplied input workflow id taken directly from URL routes...
parsl 安全漏洞
parsl is the Parallel Scripting Library open source a parallel scripting library for Python. A security vulnerability exists in parsl versions prior to 2026.01.05, which stems from an SQL injection in the parsl-visualize component that could lead to data exfiltration or denial of service...