Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-p2wh-w96x-w232

Опубликовано: 20 мар. 2025
Источник: github
Github: Прошло ревью
CVSS3: 7.5

Описание

Ollama Denial of Service (DoS) via Null Pointer Dereference

A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to create a customized GGUF model file that, when uploaded and created on the Ollama server, can cause a crash due to an unchecked null pointer dereference. This can lead to a Denial of Service (DoS) attack via remote network.

Ссылки

Пакеты

Наименование

github.com/ollama/ollama

go
Затронутые версииВерсия исправления

<= 0.3.14

Отсутствует

EPSS

Процентиль: 46%
0.00236
Низкий

7.5 High

CVSS3

CVE ID

CVE-2025-0312

Дефекты

CWE-476

Связанные уязвимости

redhat логотип

CVE-2025-0312

CVSS3: 7.5
redhat
10 месяцев назад

A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to create a customized GGUF model file that, when uploaded and created on the Ollama server, can cause a crash due to an unchecked null pointer dereference. This can lead to a Denial of Service (DoS) attack via remote network.

nvd логотип

CVE-2025-0312

CVSS3: 7.5
nvd
10 месяцев назад

A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to create a customized GGUF model file that, when uploaded and created on the Ollama server, can cause a crash due to an unchecked null pointer dereference. This can lead to a Denial of Service (DoS) attack via remote network.

debian логотип

CVE-2025-0312

CVSS3: 7.5
debian
10 месяцев назад

A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious ...

EPSS

Процентиль: 46%
0.00236
Низкий

7.5 High

CVSS3

CVE ID

CVE-2025-0312

Дефекты

CWE-476