CNNVD-202601-1467 Information

CNNVD ID

CNNVD-202601-1467

Related CVE

CVE-2026-21892

• CNNVD Published: 2026-01-08

Description (Chinese)

parsl是Parallel Scripting Library开源的一个Python的并行脚本库。 parsl 2026.01.05之前版本存在安全漏洞，该漏洞源于parsl-visualize组件存在SQL注入，可能导致数据渗漏或拒绝服务。

Description (English)

Parsl is a parallel Python script library from Parallel Scripting Library. The pre-parsl 2026.01.05 version contains a security loophole that originates from the SQL injection of the parsl-visualize component, which may lead to data leakage or denial of services.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Parallel Scripting Library

Published

2026-01-08

Last Modified

2026-02-24

References

https://github.com/Parsl/parsl/commit/013a928461e70f38a33258bd525a351ed828e974 https://github.com/Parsl/parsl/security/advisories/GHSA-f2mf-q878-gh58 https://access.redhat.com/security/cve/cve-2026-21892

Patch

https://github.com/Parsl/parsl/tags