QSearchQSearch

CVE-2021-41329

6.5 MEDIUM

Datalust Seq before 2021.2.6259 allows users (with view filters applied to their accounts) to see query results not constrained by their ...

Published: 2021-09-27 · Last updated: 2026-06-17

Severity and scoring

CVSS
6.5 MEDIUM
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE
CWE-682

Affected products

VendorProduct
datalustseq

Description

Datalust Seq before 2021.2.6259 allows users (with view filters applied to their accounts) to see query results not constrained by their view filter. This information exposure, caused by an internal cache key collision, occurs when the user's view filter includes an array or IN clause, and when another user has recently executed an identical query differing only by the array elements.

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2021-43270 Datalust Seq.App.EmailPlus (aka seq-app-htmlemail) 3.1.0-dev-00148, 3.1.0-dev-00170, and 3.1.0-dev-00176 can use cleartext SMTP on port 2... (7.5 HIGH)

Same CWE

  • CVE-2026-44074 Netatalk 2.1.0 through 4.4.2 combines multiple errno values using bitwise OR, resulting in incorrect error codes when multiple error cond... (3.7 LOW)
  • CVE-2026-7836 An incorrect calculation in the hextoint macro in Netatalk 2.0.0 through 4.4.2 due to improper uppercase character handling allows a remo... (3.1 LOW)
  • CVE-2023-7346 Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin ... (4.0 MEDIUM)
  • CVE-2025-5372 A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for ke... (5.0 MEDIUM)
  • CVE-2021-41122 Vyper is a Pythonic Smart Contract Language for the EVM (4.3 MEDIUM)