CVE-2024-3078

A vulnerability was found in Qdrant up to 1.6.1/1.7.4/1.8.2 and classified as critical. This issue affects some unknown processing of the file lib/collection/src/collection/snapshots.rs of the component Full Snapshot REST API. The manipulation leads to path traversal. Upgrading to version 1.8.3 is ...

CVE-2024-2221

qdrant/qdrant is vulnerable to a path traversal and arbitrary file upload vulnerability via the /collections/{COLLECTION}/snapshots/upload endpoint, specifically through the snapshot parameter. This vulnerability allows attackers to upload and overwrite any file on the filesystem, leading to potent...