CVE-2024-45436
Published: 29 August 2024
Summary
CVE-2024-45436 is a high-severity Path Traversal (CWE-22) vulnerability in Ollama. Its CVSS base score is 7.5 (High).
Operationally, it ranks in the top 3.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
Ollama before version 0.1.47 contains a path traversal vulnerability in the extractFromZipFile function within model.go. The flaw, classified as CWE-22, permits extraction of ZIP archive members outside the intended parent directory when processing model files, affecting any deployment that accepts untrusted archives over the network. The issue carries a CVSS 3.1 score of 7.5, with a network attack vector, low attack complexity, and no privileges or user interaction required.
An unauthenticated remote attacker can supply a malicious ZIP archive to trigger arbitrary file writes on the server filesystem. Successful exploitation yields high confidentiality impact by allowing access to sensitive files outside the extraction directory while leaving integrity and availability unaffected.
The referenced GitHub pull request and version comparison show that the vulnerability is resolved in Ollama 0.1.47 by correcting the extraction logic to enforce directory boundaries. The EPSS score has remained near 0.29 with only minor fluctuation between its recorded peak and current value.
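As an added illustration of the directory-boundary check that the fix enforces (example code written for this page, not Ollama's own patch), the Go snippet below resolves each ZIP member name under a destination directory and rejects any name that would land outside it before anything is written. The names ErrTraversal, SafeMemberPath, CheckArchive and BuildSampleZip, and the constructed sample archive, are assumptions.

```go
package main

import (
	"archive/zip"
	"bytes"
	"errors"
	"path/filepath"
	"strings"
)

var ErrTraversal = errors.New("zip member escapes destination directory") // the CWE-22 condition
// SafeMemberPath resolves a ZIP member name under dest and rejects any name whose
// cleaned form escapes dest, whether by an absolute path or by ".." climbs.
func SafeMemberPath(dest, name string) (string, error) {
	clean := filepath.Clean(strings.ReplaceAll(name, `\`, "/")) // treat "\" as a separator too
	target := filepath.Join(dest, clean)
	rel, err := filepath.Rel(dest, target)
	if filepath.IsAbs(clean) || err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrTraversal
	}
	return target, nil
}

// CheckArchive runs SafeMemberPath over every member of an in-memory ZIP and
// reports which names would be written under dest and which are rejected.
func CheckArchive(data []byte, dest string) (accepted, rejected []string, err error) {
	zr, err := zip.NewReader(bytes.NewReader(data), int64(len(data)))
	if err != nil && !errors.Is(err, zip.ErrInsecurePath) { // Go 1.20+ may flag unsafe names itself; reader stays usable
		return nil, nil, err
	}
	for _, f := range zr.File {
		if _, perr := SafeMemberPath(dest, f.Name); perr != nil {
			rejected = append(rejected, f.Name)
			continue
		}
		accepted = append(accepted, f.Name)
	}
	return accepted, rejected, nil
}

// BuildSampleZip builds a constructed archive: one benign member plus two that try to climb out.
func BuildSampleZip() []byte {
	var buf bytes.Buffer
	zw := zip.NewWriter(&buf)
	for _, name := range []string{"weights/model.bin", "../outside.txt", "a/../../escape.txt"} {
		zw.Create(name) // empty members; only the names matter here
	}
	zw.Close()
	return buf.Bytes()
}
```

Names that merely start with ".." (for example "..config/x") are legitimate filenames and pass the check; only real climbs out of the destination and absolute paths are rejected.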
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-2532
Vulnerability details
extractFromZipFile in model.go in Ollama before 0.1.47 can extract members of a ZIP archive outside of the parent directory.
- CWE(s): CWE-22 (Path Traversal)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
- Validates pathnames and filenames to prevent traversal outside intended directories.