Skip to content

Path traversal in Ollama with rogue registry server

License

Notifications You must be signed in to change notification settings

Bi0x/CVE-2024-37032

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

CVE-2024-37032

Path traversal in Ollama with rogue registry server

Vulnerability environment

docker run -d -v ollama:/root/.ollama -p 11434:11434 --name ollama ollama/ollama:0.1.33

Rogue registry server

  • Please modify HOST to your host MUST WITHOUT PORT
  • Run with python3 server.py

Run poc

  • Please modify HOST to your rogue registry server host, and target_url to vulnerability host
  • Run python3 poc.py and check rogue registry server log

About

Path traversal in Ollama with rogue registry server

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages