cwltool@3.0.20200317203547 vulnerabilities

Common workflow language reference implementation

latest version

3.1.20240508115724
latest non vulnerable version

3.1.20240508115724
first published

10 years ago
latest version published

3 days ago
licenses detected
- Apache-2.0
  [0,)
View cwltool package health on Snyk Advisor Open this link in a new tab

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the cwltool package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
M Race Condition cwltool is a Common workflow language reference implementation Affected versions of this package are vulnerable to Race Condition when a podman process finishes even before reaching the monitoring method. This triggers a deadlock, as `process.returncode` does not get updated and spawned process is in zombie state (so, no signal is sent). How to fix Race Condition? Upgrade `cwltool` to version 3.1.20230906142556 or higher.	[,3.1.20230906142556)

Race Condition

cwltool is a Common workflow language reference implementation

Affected versions of this package are vulnerable to Race Condition when a podman process finishes even before reaching the monitoring method. This triggers a deadlock, as process.returncode does not get updated and spawned process is in zombie state (so, no signal is sent).

How to fix Race Condition?

Upgrade cwltool to version 3.1.20230906142556 or higher.

[,3.1.20230906142556)

Go back to all versions of this package

cwltool@3.0.20200317203547 vulnerabilities

Common workflow language reference implementation

latest version

latest non vulnerable version

first published

latest version published

licenses detected

Direct Vulnerabilities