|
Qdrant |
Default
Summary A security vulnerability has been discovered in Qdrant affecting all versions prior to v1.9, described in CVE-2024-3829. The vulnerability allows an attacker to upload arbitrary files to the filesystem, which can be used to gain remote code execution. This is a different but similar vulnerability to CVE-2024-2221, announced in April 2024.
The vulnerability does not materially affect Qdrant cloud deployments, as that filesystem is read-only and authentication is enabled by default.