8.8

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

CVE-2024-28224

GHSA ID

GHSA-5jx5-hqx5-2vrj

EPSS Score

0.29377%

CWE

CWE-290

Published

4/8/2024

Updated

6/10/2024

KEV Status

Technology

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2024-28224

CVE-2024-28224: Ollama DNS rebinding vulnerability

Ollama before 0.1.29 has a DNS rebinding vulnerability that can inadvertently allow remote access to the full API, thereby letting an unauthorized user chat with a large language model, delete a model, or cause a denial of service (resource exhaustion).

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2024-28224

CVE-2024-28224:

8.8

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

CVE-2024-28224

GHSA ID

GHSA-5jx5-hqx5-2vrj

EPSS Score

0.29377%

CWE

CWE-290

Published

4/8/2024

Updated

6/10/2024

KEV Status

Technology

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
github.com/ollama/ollama	go	< 0.1.29	0.1.29

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from two key issues: 1) Reliance on DNS-based validation (CWE-350) for security decisions, and 2) Lack of proper authentication (CWE-290). While exact function names aren't available, the nature of DNS rebinding vulnerabilities typically involves HTTP request handlers that: - Trust the Host header without validation - Fail to implement proper CORS restrictions - Lack CSRF protections The high confidence comes from the vulnerability pattern matching typical DNS rebinding attack vectors in web services, where API endpoints are exposed without proper origin validation. The NCC Group advisory confirms attackers could access the full API surface, indicating missing authorization checks in core request handling functions.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

8.8

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2024-28224: Ollama DNS rebinding vulnerability

CVE-2024-28224:

8.8

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

Basic Information

Basic Information

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

CVE-2024-28224: Ollama DNS rebinding vulnerability

8.8

8.8

Technical Details

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI