PT-2021-23281 · Datalust · Datalust Seq

Nblumhardt · Published 2021-09-27 · Updated 2022-07-12 · CVE-2021-41329

CVSS v3.1: 6.5 Medium

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions

Datalust Seq versions prior to 2021.2.6259

Description

The issue allows users with view filters applied to their accounts to see query results not constrained by their view filter. This information exposure is caused by an internal cache key collision and occurs when the user's view filter includes an array or IN clause, and when another user has recently executed an identical query differing only by the array elements.

Recommendations

For versions prior to 2021.2.6259, update to version 2021.2.6259 or later to resolve the issue. As a temporary workaround, consider restricting the use of array or IN clauses in view filters to minimize the risk of exploitation.
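A minimal model of the cache key collision described above, added here as an illustration: it is not Seq's code, and the cache class, key functions and sample events are hypothetical and constructed. It shows a result-cache key that omits the elements of an IN clause next to one that includes them.

```python
# Constructed sample events; not data from the advisory.
EVENTS = [
    {"tenant": "a", "msg": "user login ok"},
    {"tenant": "b", "msg": "user payment failed"},
    {"tenant": "c", "msg": "user key rotated"},
]

def weak_key(query, view_filter):
    """Flawed key: records the field and the IN operator but drops the array elements."""
    field, _values = view_filter
    return (query, field, "IN", "[...]")

def strong_key(query, view_filter):
    """Corrected key: the canonicalised array elements are part of the key."""
    field, values = view_filter
    return (query, field, "IN", tuple(sorted(values)))

class QueryCache:
    """Hypothetical result cache shared by all users of the server."""
    def __init__(self, key_fn):
        self.key_fn = key_fn
        self.store = {}

    def run(self, query, view_filter):
        key = self.key_fn(query, view_filter)
        if key not in self.store:  # cache miss: evaluate query AND view filter
            field, values = view_filter
            self.store[key] = [e["msg"] for e in EVENTS
                               if e[field] in values and query in e["msg"]]
        return self.store[key]

def demo(key_fn):
    """Two users run the same query; their view filters differ only in array elements."""
    cache = QueryCache(key_fn)
    first = cache.run("user", ("tenant", ["a", "b"]))   # user 1: tenants a and b
    second = cache.run("user", ("tenant", ["c"]))       # user 2: tenant c only
    return first, second

if __name__ == "__main__":
    print("weak key  :", demo(weak_key)[1])    # user 2 receives user 1's cached rows
    print("strong key:", demo(strong_key)[1])  # user 2 receives only tenant c rows
```
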


Weakness Enumeration

Related Identifiers

CVE-2021-41329

Affected Products

Datalust Seq