TTPwire Vol. 1 · MITRE ATT&CK·Tagged

← All stories

SecurityWeek

Critical Bug Could Expose 300,000 Ollama Deployments to Information Theft

Ionut Arghire · 22 hours ago · Read original ↗

ATT&CK techniques detected

1 predictions
T1190Exploit Public-Facing Application
68%
“restrict network access to their deployments. deploying an authentication proxy and network segmentation should improve security. organizations should also audit running instances for internet exposure and consider any instance accessible from the internet, as well as the environ…”

Summary

Dubbed Bleeding Llama, the heap out-of-bounds read issue can be exploited remotely, without authentication.

The post Critical Bug Could Expose 300,000 Ollama Deployments to Information Theft appeared first on SecurityWeek.