CVE-2024-37032: Ollama before 0.1.34 does not validate the format of the digest (sha256 with 64 hex digits) when getting the model path,
Summary
Ollama versions before 0.1.34 have a security flaw where they don't properly check the format of digests (sha256 hashes that should be exactly 64 hexadecimal digits) when looking up model file paths. This allows attackers to bypass security checks by using invalid digest formats, such as ones with too few digits, too many digits, or paths starting with '../' (a path traversal technique that accesses files outside the intended directory).
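A strict digest check of the kind the summary describes, written here as an added example; it is not Ollama's own code. The names `BlobPath`, `ErrInvalidDigest`, and the sample directory are assumptions, and accepting either `:` or `-` as the separator is also an assumption.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"regexp"
	"strings"
)

// ErrInvalidDigest is a hypothetical error name used by this example.
var ErrInvalidDigest = errors.New("invalid digest format")

// Exactly "sha256", one separator, then 64 hex digits, anchored at both ends.
var digestRe = regexp.MustCompile(`^sha256[:-][0-9a-fA-F]{64}$`)

// BlobPath (hypothetical helper) maps a digest to a file under blobsDir and
// rejects anything that is not a well-formed sha256 digest.
func BlobPath(blobsDir, digest string) (string, error) {
	if !digestRe.MatchString(digest) {
		return "", ErrInvalidDigest
	}
	name := strings.ReplaceAll(digest, ":", "-")
	p := filepath.Join(blobsDir, name)
	// Defence in depth: the cleaned path must still sit inside blobsDir.
	rel, err := filepath.Rel(blobsDir, p)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrInvalidDigest
	}
	return p, nil
}

func main() {
	good := "sha256:" + strings.Repeat("ab", 32)
	// Constructed sample inputs covering the cases named in the summary.
	samples := []string{
		good,
		"sha256:" + strings.Repeat("a", 63), // too few digits
		"sha256:" + strings.Repeat("a", 65), // too many digits
		"../" + good,                        // leading ../
	}
	for _, d := range samples {
		p, err := BlobPath("/var/lib/example/blobs", d)
		fmt.Printf("%q -> %q, %v\n", d, p, err)
	}
}
```

Anchoring the pattern at both ends is what rejects the short, long, and `../`-prefixed forms; the containment check afterwards only guards against a later change loosening the pattern.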
Solution / Mitigation
Update Ollama to version 0.1.34 or later. The fix is included in the changes between v0.1.33 and v0.1.34 at https://github.com/ollama/ollama/compare/v0.1.33...v0.1.34 and was implemented in pull request #4175.
Vulnerability Details
8.8 (high)
EPSS: 93.8%
Original source: https://nvd.nist.gov/vuln/detail/CVE-2024-37032
First tracked: February 15, 2026 at 08:44 PM