5 matches found
CVE-2026-21892
Parsl is a Python parallel scripting library. A SQL Injection vulnerability exists in the parsl-visualize component of versions prior to 2026.01.05. The application constructs SQL queries using unsafe string formatting Python % operator with user-supplied input workflowid directly from URL routes...
CVE-2026-21892 Parsl Monitoring Visualization Vulnerable to SQL Injection
Parsl is a Python parallel scripting library. A SQL Injection vulnerability exists in the parsl-visualize component of versions prior to 2026.01.05. The application constructs SQL queries using unsafe string formatting Python % operator with user-supplied input workflowid directly from URL routes...
CVE-2026-21892
CVE-2026-21892 affects Parsl (Python parallel scripting library) in the parsl-visualize component. Versions prior to 2026.01.05 construct SQL queries using unsafe Python % formatting with user-supplied input (workflow_id) sourced from URL routes, enabling SQL injection by an unauthenticated attac...
PT-2026-2123
Name of the Vulnerable Software and Affected Versions Parsl versions prior to 2026.01.05 Description A SQL Injection issue exists in the parsl-visualize component. The application builds SQL queries using unsafe string formatting with user-supplied input workflow id taken directly from URL routes...
CVE-2024-2689
Denial of Service in Temporal Server prior to version 1.20.5, 1.21.6, and 1.22.7 allows an authenticated user who has permissions to interact with workflows and has crafted an invalid UTF-8 string for submission to potentially cause a crashloop. If left unchecked, the task containing the invalid...