Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-39722 PoC — Ollama 安全漏洞

Source
https://github.com/Threekiii/Awesome-POC/blob/master/%E4%BA%BA%E5%B7%A5%E6%99%BA%E8%83%BD%E6%BC%8F%E6%B4%9E/Ollama%20%E6%96%87%E4%BB%B6%E5%AD%98%E5%9C%A8%E6%80%A7%E6%B3%84%E9%9C%B2%E6%BC%8F%E6%B4%9E%20CVE-2024-39722.md
Associated Vulnerability
Title:Ollama 安全漏洞 (CVE-2024-39722)
Description:Ollama是Ollama开源的一个可以在本地启动并运行的大型语言模型。 Ollama 0.1.46之前版本存在安全漏洞,该漏洞源于api/push路由中存在路径遍历漏洞,导致部署服务器上的文件暴露。
File Snapshot

 # Ollama 文件存在性泄露漏洞 CVE-2024-39722

## 漏洞描述

Ollama 0.1.45 及之前的版本中,攻击者可以通过 `api/push` 端点的路径遍历暴露服务器上存在

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.