4 matches found
PSF-2026-32
In the Tarfile.extract function, the filter parameter is not passed properly when extracting hardlinks. An affected system that extracts content from untrusted tar files could end up writing files with an unexpected uid/gid despite the user passing filter='data' to the extract function...
CVE-2025-41116
When using the Grafana Databricks Datasource Plugin, if Oauth passthrough is enabled on the datasource, and multiple users are using the same datasource at the same time on a single Grafana instance, it could result in the wrong user identifier being used, and information for which the viewer is...
CVE-2025-41116
Grafana is an open-source platform for monitoring and observability. The Grafana-Databricks-Datasource is a plugin allowing Grafana to visualize data from Databricks Enterprise Versions between 1.6.0 and 1.12.0 are vulnerable to a bug when Oauth passthrough is enabled, and multiple users are usin...
PostgreSQL SET ROLE SET SESSION AUTHORIZATION reset to wrong user ID
...