CVE-2026-7020: Path Traversal in Ollama
A security flaw has been discovered in Ollama up to 0.20.2. This affects the function digestToPath of the file x/imagegen/transfer/transfer.go of the component Tensor Model Transfer Handler. The manipulation of the argument digest results in path traversal. The attack may be performed from remote. This attack is characterized by high complexity. The exploitability is reported as difficult. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
AI Analysis
Technical Summary
This vulnerability exists in the digestToPath function within the x/imagegen/transfer/transfer.go file of Ollama up to version 0.20.2. By manipulating the digest argument, an attacker can perform a path traversal attack, potentially accessing or modifying files outside the intended directory scope. The attack can be launched remotely without privileges or user interaction, but it requires high complexity to exploit. The CVSS 4.0 vector indicates network attack vector, high attack complexity, no privileges required, no user interaction, and low impact on confidentiality with no impact on integrity or availability.
Potential Impact
Successful exploitation could allow an attacker to traverse the file system paths on the affected system, potentially accessing sensitive files or data outside the intended directories. However, the impact on confidentiality is rated low, and there is no impact on integrity or availability according to the CVSS vector. The exploitability is difficult, and no known active exploitation in the wild has been reported. The availability of public exploit code increases the risk of attempted attacks.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since the vendor has not responded and no official patch is available, users should monitor for updates from the vendor. Until a fix is released, consider restricting access to the affected component and applying network-level controls to limit exposure. Avoid passing untrusted input to the digest argument if possible.
CVE-2026-7020: Path Traversal in Ollama
Description
A security flaw has been discovered in Ollama up to 0.20.2. This affects the function digestToPath of the file x/imagegen/transfer/transfer.go of the component Tensor Model Transfer Handler. The manipulation of the argument digest results in path traversal. The attack may be performed from remote. This attack is characterized by high complexity. The exploitability is reported as difficult. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS v4.0
Score 6.3medium
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability exists in the digestToPath function within the x/imagegen/transfer/transfer.go file of Ollama up to version 0.20.2. By manipulating the digest argument, an attacker can perform a path traversal attack, potentially accessing or modifying files outside the intended directory scope. The attack can be launched remotely without privileges or user interaction, but it requires high complexity to exploit. The CVSS 4.0 vector indicates network attack vector, high attack complexity, no privileges required, no user interaction, and low impact on confidentiality with no impact on integrity or availability.
Potential Impact
Successful exploitation could allow an attacker to traverse the file system paths on the affected system, potentially accessing sensitive files or data outside the intended directories. However, the impact on confidentiality is rated low, and there is no impact on integrity or availability according to the CVSS vector. The exploitability is difficult, and no known active exploitation in the wild has been reported. The availability of public exploit code increases the risk of attempted attacks.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since the vendor has not responded and no official patch is available, users should monitor for updates from the vendor. Until a fix is released, consider restricting access to the affected component and applying network-level controls to limit exposure. Avoid passing untrusted input to the digest argument if possible.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- VulDB
- Date Reserved
- 2026-04-25T11:29:26.173Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
- Epss Score
- 0.0002
- Epss Percentile
- 0.05497
- Epss Date
- 2026-04-26
- Gcve Source
- db.gcve.eu
Threat ID: 69eda0e087115cfb68ca3f1d
Added to database: 4/26/2026, 5:21:36 AM
Last enriched: 5/11/2026, 2:09:45 AM
Last updated: 6/10/2026, 5:57:07 AM
Views: 181
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.