CVE-2024-39721 - Ollama denial of service (DoS)

3 weeks ago 8
ARTICLE AD BOX
CVE ID : CVE-2024-39721
Published : Oct. 31, 2024, 8:15 p.m. | 24 minutes ago
Description : An issue was discovered in Ollama before 0.1.34. The CreateModelHandler function uses os.Open to read a file until completion. The req.Path parameter is user-controlled and can be set to /dev/random, which is blocking, causing the goroutine to run infinitely (even after the HTTP request is aborted by the client).
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Read Entire Article