pkg:Go/github.com/ollama/ollama

All known vulnerabilities

• CRITICAL9.1CVE-2026-7482Ollama contains a heap out-of-bounds read vulnerability in the GGUF model loader
  from 0, < 0.17.1
• HIGH8.8CVE-2024-28224Ollama DNS rebinding vulnerability in github.com/jmorganca/ollama
  from 0, < 0.1.29
• HIGH8.2CVE-2024-39720Ollama Out-of-bounds Read in github.com/ollama/ollama
  from 0, < 0.1.46
• HIGH8.2CVE-2024-39720Ollama Out-of-bounds Read in github.com/ollama/ollama
  from 0, < 0.1.46
• HIGH7.5CVE-2025-1975Ollama Server Vulnerable to Denial of Service (DoS) Attack in github.com/ollama/ollama
  from 0
• HIGH7.5CVE-2025-1975Ollama Server Vulnerable to Denial of Service (DoS) Attack in github.com/ollama/ollama
  from 0, <= 0.5.11
• HIGH7.5CVE-2025-0315Ollama Allocation of Resources Without Limits or Throttling vulnerability in github.com/ollama/ollama
  from 0
• HIGH7.5CVE-2025-0315Ollama Allocation of Resources Without Limits or Throttling vulnerability in github.com/ollama/ollama
  from 0, <= 0.3.14
• HIGH7.5CVE-2025-0312Ollama Denial of Service (DoS) via Null Pointer Dereference in github.com/ollama/ollama
  from 0
• HIGH7.5CVE-2025-0312Ollama Denial of Service (DoS) via Null Pointer Dereference in github.com/ollama/ollama
  from 0, <= 0.3.14
• HIGH7.5CVE-2025-0317Ollama Divide By Zero vulnerability in github.com/ollama/ollama
  from 0, <= 0.3.14
• HIGH7.5CVE-2025-0317Ollama Divide By Zero vulnerability in github.com/ollama/ollama
  from 0
• HIGH7.5CVE-2024-12886Ollama Vulnerable to Denial of Service (DoS) via Crafted GZIP in github.com/ollama/ollama
  from 0, <= 0.3.14
• HIGH7.5CVE-2024-12886Ollama Vulnerable to Denial of Service (DoS) via Crafted GZIP in github.com/ollama/ollama
  from 0, < 0.4.0-ci1
• HIGH7.5CVE-2024-12055Ollama Allows Out-of-Bounds Read in github.com/ollama/ollama
  from 0, <= 0.3.14
• HIGH7.5CVE-2024-12055Ollama Allows Out-of-Bounds Read in github.com/ollama/ollama
  from 0
• HIGH7.5CVE-2024-8063Ollama Divide by Zero Vulnerability in github.com/ollama/ollama
  from 0
• HIGH7.5CVE-2024-8063Ollama Divide by Zero Vulnerability in github.com/ollama/ollama
  from 0, <= 0.3.3
• HIGH7.5CVE-2024-45436Ollama can extract members of a ZIP archive outside of the parent directory in github.com/ollama/ollama
  from 0, < 0.1.47
• HIGH7.5CVE-2024-45436Ollama can extract members of a ZIP archive outside of the parent directory in github.com/ollama/ollama
  from 0, < 0.1.47
• MEDIUM6.9CVE-2025-51471Ollama vulnerable to Cross-Domain Token Exposure in github.com/ollama/ollama
  from 0, <= 0.9.6
• MEDIUM6.9CVE-2025-51471Ollama vulnerable to Cross-Domain Token Exposure in github.com/ollama/ollama
  from 0
• MEDIUM6.6CVE-2025-44779Ollama allows deletion of arbitrary files in github.com/ollama/ollama
  from 0, < 0.1.34
• MEDIUM6.6CVE-2025-44779Ollama allows deletion of arbitrary files in github.com/ollama/ollama
  from 0, < 0.1.34
• MEDIUM5.6CVE-2026-7020Ollama is Vulnerable to Path Traversal
  from 0, <= 0.20.2
• —CVE-2025-63389Ollama Platform has missing authentication enabling attackers to perform model management operations
  from 0
• —CVE-2025-63389Ollama Platform has missing authentication enabling attackers to perform model management operations
  from 0, <= 0.13.5
• —CVE-2024-37032Ollama does not validate the format of the digest (sha256 with 64 hex digits)
  from 0, < 0.1.34
• —CVE-2024-37032Ollama does not validate the format of the digest (sha256 with 64 hex digits)
  from 0, < 0.1.34