Skip to content
/ CVE-2024-37032 Public

Path traversal in Ollama with rogue registry server

License

MIT license
20 stars 5 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Bi0x/CVE-2024-37032

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
rogue_registry_server
rogue_registry_server
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
poc.py
poc.py
 
 
requirements.txt
requirements.txt
 
 
screenshot.png
screenshot.png
 
 

Repository files navigation

CVE-2024-37032

Path traversal in Ollama with rogue registry server

Vulnerability environment

docker run -d -v ollama:/root/.ollama -p 11434:11434 --name ollama ollama/ollama:0.1.33

Rogue registry server

  • Please modify HOST to your host MUST WITHOUT PORT
  • Run with python3 server.py

Run poc

  • Please modify HOST to your rogue registry server host, and target_url to vulnerability host
  • Run python3 poc.py and check rogue registry server log

About

Path traversal in Ollama with rogue registry server

Resources

Readme

License

MIT license
Activity

Stars

20 stars

Watchers

1 watching

Forks

5 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages