15 matches found
Ollama allows deletion of arbitrary files
An issue in Ollama v0.1.33 allows attackers to delete arbitrary files via sending a crafted packet to the endpoint /api/pull...
GHSA-X9HG-5Q6G-Q3JR Ollama vulnerable to Cross-Domain Token Exposure
Cross-Domain Token Exposure in server.auth.getAuthorizationToken in Ollama 0.6.7 allows remote attackers to steal authentication tokens and bypass access controls via a malicious realm value in a WWW-Authenticate header returned by the /api/pull endpoint...
GO-2025-3558 Ollama Allows Out-of-Bounds Read in github.com/ollama/ollama
Ollama Allows Out-of-Bounds Read in github.com/ollama/ollama...
GO-2025-3559 Ollama Divide By Zero vulnerability in github.com/ollama/ollama
Ollama Divide By Zero vulnerability in github.com/ollama/ollama...
Ollama Allows Out-of-Bounds Read
A vulnerability in Ollama versions <=0.3.14 allows a malicious user to create a customized gguf model file that can be uploaded to the public Ollama server. When the server processes this malicious model, it crashes, leading to a Denial of Service (DoS) attack. The root cause of the issue is an...
CVE-2024-8063 Divide by Zero in ollama/ollama
A divide by zero vulnerability exists in ollama/ollama version v0.3.3. The vulnerability occurs when importing GGUF models with a crafted type for blockcount in the Modelfile. This can lead to a denial of service (DoS) condition when the server processes the model, causing it to crash...
PT-2025-12311 · Ollama · Ollama
Name of the Vulnerable Software and Affected Versions: ollama/ollama versions 0.3.14 and earlier Description: A malicious user can create a customized GGUF model file, upload it to the Ollama server, and create it, causing the server to allocate unlimited memory. This leads to a Denial of Service...
PT-2025-12309 · Ollama · Ollama
Name of the Vulnerable Software and Affected Versions: ollama/ollama versions prior to 0.3.14 Description: The issue allows a malicious user to create a customized GGUF model file that, when uploaded and created on the Ollama server, can cause a crash due to an unchecked null pointer dereference...
PT-2025-12118 · Ollama · Ollama
Name of the Vulnerable Software and Affected Versions: Ollama versions <=0.3.14 Description: A malicious user can create a customized gguf model file that can be uploaded to the public Ollama server, causing it to crash and leading to a Denial of Service (DoS) attack. The root cause of the issue is ...
Out-of-bounds Read
Ollama is vulnerable to Out-of-bounds Read. The vulnerability is due to the ability to upload a malformed GGUF file containing only 4 bytes with a custom magic header. By using a custom Modelfile with a FROM statement pointing to an attacker-controlled blob, the attacker can cause a segmentation...
Ollama Out-of-bounds Read
An issue was discovered in Ollama before 0.1.46. An attacker can use two HTTP requests to upload a malformed GGUF file containing just 4 bytes starting with the GGUF custom magic header. By leveraging a custom Modelfile that includes a FROM statement pointing to the attacker-controlled blob file,...
CVE-2024-45436
extractFromZipFile in model.go in Ollama before 0.1.47 can extract members of a ZIP archive outside of the parent directory...
PT-2025-9629 · Ollama · Ollama
Name of the Vulnerable Software and Affected Versions: ollama/ollama version 0.1.37 Description: The issue is related to improper input validation in the handling of zip files, known as ZipSlip, which occurs in the parseFromZipFile function in server/model.go. This allows an attacker to write...
SUSE CVE-2024-37032
Ollama before 0.1.34 does not validate the format of the digest (sha256 with 64 hex digits) when getting the model path, and thus mishandles the TestGetBlobsPath test cases, such as fewer than 64 hex digits, more than 64 hex digits, or an initial ../ substring...
GHSA-8HQG-WHRW-PV92 vulnerabilities
Vulnerabilities for packages: ollama...