Security Advisory

CVE-2024-39719

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-10-31 00:00:00

Last updated 2024-11-01 15:41:25

Assigner mitre

State PUBLISHED

Description

An issue was discovered in Ollama through 0.3.14. File existence disclosure can occur via api/create. When calling the CreateModel route with a path parameter that does not exist, it reflects the "File does not exist" error message to the attacker, providing a primitive for file existence on the server.

← Browse all CVEs View on cve.org ↗