17 matches found
CVE-2025-66960
An issue in ollama v.0.12.10 allows a remote attacker to cause a denial of service via fs/ggml/gguf.go: the function readGGUFV1String reads a string length from untrusted GGUF metadata...
PYSEC-2026-102
An issue in ollama v.0.12.10 allows a remote attacker to cause a denial of service via fs/ggml/gguf.go: the function readGGUFV1String reads a string length from untrusted GGUF metadata...
CVE-2025-66959
An issue in ollama v.0.12.10 allows a remote attacker to cause a denial of service via the GGUF decoder...
Ollama <= 0.9.6 Cross-Domain Token Exposure
The version of Ollama installed on the remote host is 0.9.6 or earlier. It is, therefore, affected by a vulnerability. Cross-Domain Token Exposure in server.auth.getAuthorizationToken in Ollama 0.9.6 allows remote attackers to steal authentication tokens and bypass access controls via a malicious...
Ollama <= 0.3.3 DoS
The version of Ollama installed on the remote host is prior to or equal to 0.3.3. It is, therefore, affected by a vulnerability. A divide by zero vulnerability exists in ollama/ollama version v0.3.3. The vulnerability occurs when importing GGUF models with a crafted type for blockcount in the...
SUSE CVE-2025-51471
Cross-Domain Token Exposure in server.auth.getAuthorizationToken in Ollama 0.6.7 allows remote attackers to steal authentication tokens and bypass access controls via a malicious realm value in a WWW-Authenticate header returned by the /api/pull endpoint...
PYSEC-2025-147
Cross-Domain Token Exposure in server.auth.getAuthorizationToken in Ollama 0.6.7 allows remote attackers to steal authentication tokens and bypass access controls via a malicious realm value in a WWW-Authenticate header returned by the /api/pull endpoint...
CVE-2025-0317
A vulnerability in ollama/ollama versions =0.3.14 allows a malicious user to upload and create a customized GGUF model file on the Ollama server. This can lead to a division by zero error in the ggufPadding function, causing the server to crash and resulting in a Denial of Service (DoS) attack...
CVE-2024-8063
A divide by zero vulnerability exists in ollama/ollama version v0.3.3. The vulnerability occurs when importing GGUF models with a crafted type for blockcount in the Modelfile. This can lead to a denial of service (DoS) condition when the server processes the model, causing it to crash...
CVE-2024-8063 Divide by Zero in ollama/ollama
A divide by zero vulnerability exists in ollama/ollama version v0.3.3. The vulnerability occurs when importing GGUF models with a crafted type for blockcount in the Modelfile. This can lead to a denial of service (DoS) condition when the server processes the model, causing it to crash...
CVE-2024-8063
CVE-2024-8063 concerns Ollama/ollama before or at v0.3.3. A vulnerability arises when importing GGUF models with a crafted type for the block_count field in the Modelfile, causing a divide-by-zero error that leads to a DoS (server crash) when processing the model. The associated connected data co...
PT-2025-12217 · Ollama · Ollama
Name of the Vulnerable Software and Affected Versions: ollama/ollama version v0.3.3 Description: A divide by zero issue exists when importing GGUF models with a crafted type for block count in the Modelfile, leading to a denial of service (DoS) condition that causes the server to crash...
Ollama Numeric Error Vulnerability
Ollama is an open-source tool for starting and running large language models locally. A numeric error vulnerability exists in Ollama version v0.3.3, which stems from a blockcount type specialization when importing a GGUF model that could result in a divide-by-zero error, triggering a...
Ollama < 0.1.29 DNS Rebinding
According to the self-reported version in its response header, the version of Ollama hosted on the remote web server is 0.1.29. It is, therefore, affected by a DNS rebinding vulnerability. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported versi...
PT-2024-7104 · Ollama · Ollama
Name of the Vulnerable Software and Affected Versions: Ollama versions prior to 0.1.47 Description: The issue is related to the extractFromZipFile function in model.go of the Ollama system, which is used for launching and managing large language models (LLM). This function has an incorrect...
CVE-2024-37032
Ollama before 0.1.34 does not validate the format of the digest (sha256 with 64 hex digits) when getting the model path, and thus mishandles the TestGetBlobsPath test cases such as fewer than 64 hex digits, more than 64 hex digits, or an initial ../ substring...
GHSA-5JX5-HQX5-2VRJ Ollama DNS rebinding vulnerability
Ollama before 0.1.29 has a DNS rebinding vulnerability that can inadvertently allow remote access to the full API, thereby letting an unauthorized user chat with a large language model, delete a model, or cause a denial of service (resource exhaustion)...