Описание
A vulnerability in ollama/ollama <=0.3.14 allows a malicious user to create a customized GGUF model file, upload it to the Ollama server, and create it. This can cause the server to allocate unlimited memory, leading to a Denial of Service (DoS) attack.
Ссылки
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.3.14 (включая)
cpe:2.3:a:ollama:ollama:*:*:*:*:*:*:*:*
EPSS
Процентиль: 49%
0.00255
Низкий
7.5 High
CVSS3
7.5 High
CVSS3
Дефекты
CWE-770
CWE-770
Связанные уязвимости
CVSS3: 7.5
redhat
10 месяцев назад
A vulnerability in ollama/ollama <=0.3.14 allows a malicious user to create a customized GGUF model file, upload it to the Ollama server, and create it. This can cause the server to allocate unlimited memory, leading to a Denial of Service (DoS) attack.
CVSS3: 7.5
debian
10 месяцев назад
A vulnerability in ollama/ollama <=0.3.14 allows a malicious user to c ...
CVSS3: 7.5
github
10 месяцев назад
Ollama Allocation of Resources Without Limits or Throttling vulnerability
EPSS
Процентиль: 49%
0.00255
Низкий
7.5 High
CVSS3
7.5 High
CVSS3
Дефекты
CWE-770
CWE-770