CVE-2024-37032

Exploit

EPSS 93.82%
Veröffentlicht 31.05.2024 04:15:09
Zuletzt bearbeitet 01.05.2025 14:01:44
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Ollama before 0.1.34 does not validate the format of the digest (sha256 with 64 hex digits) when getting the model path, and thus mishandles the TestGetBlobsPath test cases such as fewer than 64 hex digits, more than 64 hex digits, or an initial ../ substring.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ollama ≫ Ollama Version < 0.1.34

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	93.82%	0.999

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

https://github.com/ollama/ollama/blob/adeb40eaf29039b8964425f69a9315f9f1694ba8/server/modelpath_test.go#L41-L58

Product

https://github.com/ollama/ollama/compare/v0.1.33...v0.1.34

Release Notes

https://github.com/ollama/ollama/pull/4175

Issue Tracking

https://www.vicarius.io/vsociety/posts/probllama-in-ollama-a-tale-of-a-yet-another-rce-vulnerability-cve-2024-37032

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2024-37032

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-37032

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-37032

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2024-37032