
18 matches found

Tenable Nessus
added 2025/08/15 12:0 a.m. · 2 views

Ollama <= 0.9.6 Cross-Domain Token Exposure

The version of Ollama installed on the remote host is 0.9.6 or earlier. It is, therefore, affected by a vulnerability. Cross-Domain Token Exposure in server.auth.getAuthorizationToken in Ollama 0.9.6 allows remote attackers to steal authentication tokens and bypass access controls via a malicious...

CVSS 6.9 · AI score 7.5 · EPSS 0.00056
Exploits: 2 · References: 2
SUSE CVE
added 2025/08/08 11:22 p.m. · 1 view

SUSE CVE-2025-44779

An issue in Ollama v0.1.33 allows attackers to delete arbitrary files via sending a crafted packet to the endpoint /api/pull...

CVSS 6.6 · AI score 7 · EPSS 0.0008
Exploits: 0 · References: 4
PyPA
added 2025/08/07 4:15 p.m. · 5 views

PYSEC-2025-146

An issue in Ollama v0.1.33 allows attackers to delete arbitrary files via sending a crafted packet to the endpoint /api/pull...

CVSS 6.6 · AI score 5.9 · EPSS 0.0008
Exploits: 0 · References: 3 · Affected Software: 1
OSV
added 2025/08/07 4:15 p.m. · 0 views

PYSEC-2025-146

An issue in Ollama v0.1.33 allows attackers to delete arbitrary files via sending a crafted packet to the endpoint /api/pull...

CVSS 6.6 · AI score 5.9 · EPSS 0.0008
Exploits: 0 · References: 3
OSV
added 2025/08/07 4:15 p.m. · 1 view

CVE-2025-44779

An issue in Ollama v0.1.33 allows attackers to delete arbitrary files via sending a crafted packet to the endpoint /api/pull...

CVSS 6.6 · AI score 7.1 · EPSS 0.0008
Exploits: 0 · References: 3
Snyk
added 2025/08/07 3:41 p.m. · 1 view

Incorrect Permission Assignment for Critical Resource

Overview: Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource via the /api/pull endpoint. An attacker can remove files from the file system by sending a specially crafted packet to this endpoint. Remediation: Upgrade...

CVSS 7.6 · AI score 7 · EPSS 0.0008
Exploits: 0 · References: 2
Positive Technologies
added 2025/08/07 12:0 a.m. · 2 views

PT-2025-32263 · Ollama · Ollama

Name of the Vulnerable Software and Affected Versions: Ollama version 0.1.33 Description: An issue allows attackers to delete arbitrary files by sending a crafted packet to the /api/pull endpoint. Recommendations: Update to a newer version that contains a fix for this issue. As a temporary...

CVSS 6.6 · AI score 6.8 · EPSS 0.0008
Exploits: 0 · References: 11
SUSE CVE
added 2025/07/23 11:22 p.m. · 1 view

SUSE CVE-2025-51471

Cross-Domain Token Exposure in server.auth.getAuthorizationToken in Ollama 0.6.7 allows remote attackers to steal authentication tokens and bypass access controls via a malicious realm value in a WWW-Authenticate header returned by the /api/pull endpoint...

CVSS 6.9 · AI score 7.2 · EPSS 0.00056
Exploits: 2 · References: 3
PyPA
added 2025/07/22 7:15 p.m. · 9 views

PYSEC-2025-147

Cross-Domain Token Exposure in server.auth.getAuthorizationToken in Ollama 0.6.7 allows remote attackers to steal authentication tokens and bypass access controls via a malicious realm value in a WWW-Authenticate header returned by the /api/pull endpoint...

CVSS 6.9 · AI score 6.5 · EPSS 0.00056
Exploits: 2 · References: 4 · Affected Software: 1
OSV
added 2025/07/22 7:15 p.m. · 2 views

CVE-2025-51471

Cross-Domain Token Exposure in server.auth.getAuthorizationToken in Ollama 0.6.7 allows remote attackers to steal authentication tokens and bypass access controls via a malicious realm value in a WWW-Authenticate header returned by the /api/pull endpoint...

CVSS 6.9 · AI score 7.2 · EPSS 0.00056
Exploits: 2 · References: 4
OSV
added 2025/07/22 7:15 p.m. · 4 views

PYSEC-2025-147

Cross-Domain Token Exposure in server.auth.getAuthorizationToken in Ollama 0.6.7 allows remote attackers to steal authentication tokens and bypass access controls via a malicious realm value in a WWW-Authenticate header returned by the /api/pull endpoint...

CVSS 6.9 · AI score 6.5 · EPSS 0.00056
Exploits: 2 · References: 4
Snyk
added 2025/07/22 6:50 p.m. · 1 view

Information Exposure

Overview: Affected versions of this package are vulnerable to Information Exposure via the server.auth.URL function. An attacker can obtain authentication tokens and circumvent access controls by supplying a crafted realm value in the WWW-Authenticate header returned from the /api/pull endpoint...

CVSS 6.9 · AI score 7 · EPSS 0.00056
Exploits: 2 · References: 2
SUSE CVE
added 2025/05/17 3:2 a.m. · 1 view

SUSE CVE-2025-1975

A vulnerability in the Ollama server version 0.5.11 allows a malicious user to cause a Denial of Service (DoS) attack by customizing the manifest content and spoofing a service. This is due to improper validation of array index access when downloading a model via the /api/pull endpoint, which can...

CVSS 7.5 · AI score 6.8 · EPSS 0.00495
Exploits: 1 · References: 4
Snyk
added 2025/05/16 9:30 a.m. · 1 view

Improper Validation of Array Index

Overview: Affected versions of this package are vulnerable to Improper Validation of Array Index when downloading a model via the /api/pull endpoint. An attacker can cause the server to crash by customizing the manifest content and spoofing a service. Remediation: Upgrade...

CVSS 8.7 · AI score 6.9 · EPSS 0.00495
Exploits: 1 · References: 2
OSV
added 2025/05/16 9:15 a.m. · 0 views

PYSEC-2025-145

A vulnerability in the Ollama server version 0.5.11 allows a malicious user to cause a Denial of Service (DoS) attack by customizing the manifest content and spoofing a service. This is due to improper validation of array index access when downloading a model via the /api/pull endpoint, which can...

CVSS 7.5 · AI score 7.1 · EPSS 0.00495
Exploits: 1 · References: 1
PyPA
added 2025/05/16 9:15 a.m. · 7 views

PYSEC-2025-145

A vulnerability in the Ollama server version 0.5.11 allows a malicious user to cause a Denial of Service (DoS) attack by customizing the manifest content and spoofing a service. This is due to improper validation of array index access when downloading a model via the /api/pull endpoint, which can...

CVSS 7.5 · AI score 7.1 · EPSS 0.00495
Exploits: 1 · References: 1 · Affected Software: 1
Veracode
added 2024/05/06 7:51 a.m. · 16 views

Access Control Bypass

github.com/pterodactyl/wings is vulnerable to Access Control Bypass. The vulnerability is due to improper access controls within the pull endpoint, allowing authenticated users to evade restrictions and potentially access resources on local networks...

CVSS 6.4 · AI score 6.5 · EPSS 0.00237
Exploits: 0 · References: 4 · Affected Software: 1
Positive Technologies
added 2021/06/23 12:0 a.m. · 3 views

PT-2021-24355 · Pterodactyl · Pterodactyl Wings

Name of the Vulnerable Software and Affected Versions: Pterodactyl Wings versions prior to 1.11.2 Description: An authenticated user with access to a game server can bypass previously implemented access control, potentially accessing resources on local networks that would otherwise be inaccessibl...

CVSS 6.4 · AI score 7 · EPSS 0.00237
Exploits: 0 · References: 13