3 matches found
DEBIAN-CVE-2026-21892
Parsl is a Python parallel scripting library. A SQL Injection vulnerability exists in the parsl-visualize component of versions prior to 2026.01.05. The application constructs SQL queries using unsafe string formatting Python % operator with user-supplied input workflowid directly from URL routes...
blt-funcx-toolkit (>=0.1.0 <=0.1.0rc4), braid-db (=0.1.0a1) +9 more potentially affected by CVE-2026-21892 via parsl (>=0.3.1 <=2025.9.15)
parsl PYPI version =0.3.1, =0.1.0, =0.0.10, =0.0.1a6, =0.0.3, =0.2.0, =0.1.0.dev0, =0.0.1a0, =0.1.0, =0.1.5 - sr-midas =0.1.2 Source cves: CVE-2026-21892 Source advisory: OSV:GHSA-F2MF-Q878-GH58...
CVE-2026-21892
creationtimestamp| type| source ---|---|--- 2026-01-06 08:36:39+00:00| published-proof-of-concept| https://github.com/Parsl/parsl/security/advisories/GHSA-f2mf-q878-gh58 2026-01-08 16:06:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mbwef7yt4a2e...