SUSE CVE-2026-7020

A security flaw has been discovered in Ollama up to 0.20.2. This affects the function digestToPath of the file x/imagegen/transfer/transfer.go of the component Tensor Model Transfer Handler. The manipulation of the argument digest results in path traversal. The attack may be performed from remote...

Ollama is Vulnerable to Path Traversal

A security flaw has been discovered in Ollama up to 0.20.2. This affects the function digestToPath of the file x/imagegen/transfer/transfer.go of the component Tensor Model Transfer Handler. The manipulation of the argument digest results in path traversal. The attack may be performed from remote...

CVE-2026-7020

CVE-2026-7020 affects Ollama up to version 0.20.2. The vulnerability lies in the digestToPath function (x/imagegen/transfer/transfer.go) where manipulating the digest enables path traversal. The attack can be performed remotely and is described as high complexity with a documented PoC/exploit. Co...

EUVD-2026-25695

A security flaw has been discovered in Ollama up to 0.20.2. This affects the function digestToPath of the file x/imagegen/transfer/transfer.go of the component Tensor Model Transfer Handler. The manipulation of the argument digest results in path traversal. The attack may be performed from remote...

PT-2026-35201

A security flaw has been discovered in Ollama up to 0.20.2. This affects the function digestToPath of the file x/imagegen/transfer/transfer.go of the component Tensor Model Transfer Handler. The manipulation of the argument digest results in path traversal. The attack may be performed from remote...

Ollama 路径遍历漏洞

Ollama is an open-source tool developed by Ollama that can be run locally, used for managing and customizing large language models. Ollama versions 0.20.2 and earlier had a path traversal vulnerability. This vulnerability stemmed from the operation of the digestToPath function in the Tensor Model...