3 matches found
CVE-2024-3829
qdrant/qdrant version 1.9.0-dev is vulnerable to arbitrary file read and write during the snapshot recovery process. Attackers can exploit this vulnerability by manipulating snapshot files to include symlinks, leading to arbitrary file read by adding a symlink that points to a desired file on the...
CVE-2024-3829 Arbitrary File Read and Write during Snapshot Recovery in qdrant/qdrant
qdrant/qdrant version 1.9.0-dev is vulnerable to arbitrary file read and write during the snapshot recovery process. Attackers can exploit this vulnerability by manipulating snapshot files to include symlinks, leading to arbitrary file read by adding a symlink that points to a desired file on the...
CVE-2024-3829
CVE-2024-3829 affects qdrant/qdrant 1.9.0-dev. The root cause is arbitrary file read/write during the snapshot recovery process via manipulated snapshot files containing symlinks, enabling an attacker to read arbitrary files and write payloads in the snapshot directory. The issue is fixed in vers...