repository icon
ollama / ollama Project repository

Get up and running with Llama 3.2, Mistral, Gemma 2, and other large language models.

Submit a report

FIRST INTERACTION

WITHINN/A DAYS

REVIEW

WITHIN14 DAYS

FIX

WITHINN/A DAYS

Malformed WWW-Authenticate header causes unhandled panic (DoS) in /api/pull and...
flamki
duplicate
High
Improper GGUF File Validation Leads to Persistent DoS
jaquelinedops
duplicate
Critical
Remote DoS via String Length Overflow in Go GGUF Parser
flex0geek
duplicate
High
Remote DoS via Array Count Overflow in Go GGUF Parser
flex0geek
duplicate
High
Remote DoS via SIGFPE in GGUF C Parser (Division by Zero)
flex0geek
duplicate
High
Remote DoS via Unrecovered Goroutine Panic in `/api/create`
flex0geek
duplicate
High
DoS via integer overflow in readGGUFString (GGUF parser)
radikhoroshev
duplicate
High
Denial of Service via Unbounded Memory Allocation in GGUF String Parsing
twsky100
duplicate
High
DNS Rebinding Bypass of Host Validation Allows Cross-Origin API Access
twsky100
duplicate
High
DNS Rebinding bypasses allowedHostsMiddleware via .local/.internal TLD wildcard
eistee82
duplicate
High
Server Crash via GGUF String Length Integer Truncation
yjk0805
duplicate
High
Server Crash via Unchecked Type Assertion in `/api/create` Info Field
yjk0805
duplicate
High
Division-by-Zero Server Crash via `general.alignment = 0` in GGUF Parser
yjk0805
duplicate
High
DNS Rebinding Host Bypass
appsecguardian-hash
duplicate
Critical
OOM DoS via Unbounded Safetensors Allocation in imagegen Module (2 Locations)
iamveene
self closed
OOM DoS via Unbounded Memory Allocation in Safetensors and GGUF Model Parsers
iamveene
self closed
Zip Slip in macOS Auto-Updater Allows Arbitrary File Write via Path Traversal
iamveene
self closed
DNS Rebinding Bypass via allowedHostsMiddleware Allows Cross-Origin API Access
iamveene
self closed
DNS Rebinding via .localhost TLD Bypass Allows Browser-Based Attack on Local Oll...
uncle-enzo
duplicate
High
Browser-triggerable unauthenticated panic in `/api/create` via unsafe type asser...
maru1009
duplicate
Medium
Unauthenticated DoS via Panic in /api/create Due to Unsafe Type Assertion
mstscmsn
duplicate
High
Remote DoS via Integer Overflow in Multimodal Image Tokenization
fatmo666
duplicate
High
Unbounded Memory Allocation (OOM/DoS) in `x/imagegen` SafeTensors Parser
ashfiexe
duplicate
High
Integer Signedness Bug in GGUF readString() Bypasses Bounds Check — Denial of Se...
nottiboy137
duplicate
Medium
Missing Bounds Check on SafeTensors data_offsets Causes Index Out-of-Bounds Pani...
nottiboy137
duplicate
High
Integer Overflow in SafeTensors Header Size Causes Server Crash — Denial of Serv...
nottiboy137
duplicate
High
Unvalidated SafeTensors Header Size Causes Server Crash via OOM/Panic in parseSa...
shima-coder
duplicate
High
Remote Denial of Service via Malicious Registry www-authenticate Header Parsing
akhmittra
duplicate
Medium
DoS - Memory Exhaustion in GGUF Parsing logic
groscins
duplicate
High
Safetensors parser unbounded memory allocation crashes server process (patch mis...
jungmine
duplicate
High
Improper safetensors header-length validation leads to DoS
anhvuleduc
duplicate
High
GGUF String Length Integer Overflow lead to DOS
anhvuleduc
duplicate
High
DNS Rebinding Bypass via .local mDNS — Incomplete Fix for CVE-2024-28224
responsiblereport10
duplicate
High
Integer Overflow in GGUF Array Size Parsing Causes DoS via Panic
222n5
self closed
Heap Buffer Overflow and Integer Overflow in Image Processing Leading to DoS and...
malhyuk
duplicate
High
Denial of Service (OOM) via Unbounded Allocation
fatihhcelik
duplicate
High
Blind SSRF in PullModel allows Internal Network Scanning & Cloud Metadata Exfilt...
bademeischta
duplicate
High
Server-Side Request Forgery Enables Internal Network Scanning and Cloud Metadata...
abdallaabdalrhman
duplicate
Critical
systemd unit directive injection via unescaped $PATH in installer leads to root...
asoticdin
pending
Windows updater executes unsigned installer from staging (arbitrary code executi...
asoticdin
duplicate
High
Blind SSRF Bypass via Unsafe HTTP Client Redirect Policy (http.DefaultClient)
yasinseyhun
pending
Unauthenticated Remote Denial of Service (DoS) via Malformed GGUF File Parsing (...
yasinseyhun
duplicate
High
Supply Chain Remote Code Execution via Insecure Update Mechanism
hackwidmaddy
pending
Missing Cryptographic Signature Verification in Windows Update Mechanism leading...
shash-hq
pending
System Prompt Injection via Template Markers Bypasses System Instructions
velvolution-claudeverse
pending
Unbounded string reflection of model name
ndren
pending
Arbitrary File Read in Ollama Client
kr1shna4garwal
pending
SSRF via Location Header Redirect in Blob Upload
sellamiam
pending
ZIP Slip Path Traversal in macOS Auto-Updater allows arbitrary file write
vitalysim
pending
Ollama Desktop Stored XSS via Unsanitized AI Response Rendering
pyozzi-toss
pending
Ollama Exposes the Local Model Directory via Network Requests
ylwango613
duplicate
Medium
Unauthenticated Blind SSRF in /api/pull and /api/push allowing Internal Network...
jarcis-cy
duplicate
High
Reading a malicious GGUF file causes out-of-bounds read and crash
ylwango613
duplicate
High
Ollama Token-Length Overflow Causes Denial of Service
ylwango613
pending
JavaScript Injection via Deeplink Handler in Ollama Desktop for Windows
pyozzi-toss
pending
Unauthenticated network access to model management and inference via Docker defa...
sleeptok3n
pending
Blind Server-Side Request Forgery from custom model files to internal endpoints...
sim4n6
duplicate
Medium
A malformed image can lead to DoS due to unchecked null pointer dereference via...
weblover12
self closed
Ollama API allows anyone to do anything remotely when Ollama is exposed to the n...
r4356th
duplicate
Critical
Ollama /api/create Unauthenticated DoS via Unsafe Interface Conversion
weblover12
duplicate
High
A malicious request can lead to panic DOS due to unsafe type conversion in Creat...
tianstcht
pending
Denial of Service (DoS) attacks triggered by malicious private registry
h1b1ki
duplicate
High