pkg:Go/github.com/ollama/ollama

All known vulnerabilities

• CRITICAL9.1CVE-2026-7482Ollama contains a heap out-of-bounds read vulnerability in the GGUF model loader
  from 0, < 0.17.1
• HIGH8.8CVE-2024-28224Ollama DNS rebinding vulnerability in github.com/jmorganca/ollama
  from 0, < 0.1.29
• HIGH8.2CVE-2024-39720Ollama Out-of-bounds Read in github.com/ollama/ollama
  from 0, < 0.1.46
• HIGH8.2Ollama Out-of-bounds Read in github.com/ollama/ollama
  from 0, < 0.1.46
• HIGH7.5Ollama Server Vulnerable to Denial of Service (DoS) Attack in github.com/ollama/ollama
  from 0
• HIGH7.5Ollama Server Vulnerable to Denial of Service (DoS) Attack in github.com/ollama/ollama
  from 0, <= 0.5.11
• HIGH7.5Ollama Allocation of Resources Without Limits or Throttling vulnerability in github.com/ollama/ollama
  from 0
• HIGH7.5Ollama Allocation of Resources Without Limits or Throttling vulnerability in github.com/ollama/ollama
  from 0, <= 0.3.14
• HIGH7.5Ollama Denial of Service (DoS) via Null Pointer Dereference in github.com/ollama/ollama
  from 0
• HIGH7.5Ollama Denial of Service (DoS) via Null Pointer Dereference in github.com/ollama/ollama
  from 0, <= 0.3.14
• HIGH7.5Ollama Divide By Zero vulnerability in github.com/ollama/ollama
  from 0, <= 0.3.14
• HIGH7.5Ollama Divide By Zero vulnerability in github.com/ollama/ollama
  from 0
• HIGH7.5Ollama Vulnerable to Denial of Service (DoS) via Crafted GZIP in github.com/ollama/ollama
  from 0, <= 0.3.14
• HIGH7.5Ollama Vulnerable to Denial of Service (DoS) via Crafted GZIP in github.com/ollama/ollama
  from 0, < 0.4.0-ci1
• HIGH7.5Ollama Allows Out-of-Bounds Read in github.com/ollama/ollama
  from 0, <= 0.3.14
• HIGH7.5Ollama Allows Out-of-Bounds Read in github.com/ollama/ollama
  from 0
• HIGH7.5Ollama Divide by Zero Vulnerability in github.com/ollama/ollama
  from 0
• HIGH7.5Ollama Divide by Zero Vulnerability in github.com/ollama/ollama
  from 0, <= 0.3.3
• HIGH7.5Ollama can extract members of a ZIP archive outside of the parent directory in github.com/ollama/ollama
  from 0, < 0.1.47
• HIGH7.5Ollama can extract members of a ZIP archive outside of the parent directory in github.com/ollama/ollama
  from 0, < 0.1.47
• MEDIUM6.9Ollama vulnerable to Cross-Domain Token Exposure in github.com/ollama/ollama
  from 0, <= 0.9.6
• MEDIUM6.9Ollama vulnerable to Cross-Domain Token Exposure in github.com/ollama/ollama
  from 0
• MEDIUM6.6Ollama allows deletion of arbitrary files in github.com/ollama/ollama
  from 0, < 0.1.34
• MEDIUM6.6Ollama allows deletion of arbitrary files in github.com/ollama/ollama
  from 0, < 0.1.34
• MEDIUM5.6Ollama is Vulnerable to Path Traversal
  from 0, <= 0.20.2
• —Ollama has missing authentication enabling attackers to perform model management operations in github.com/ollama/ollama
  from 0
• —Ollama has missing authentication enabling attackers to perform model management operations in github.com/ollama/ollama
  from 0, <= 0.13.5
• —Ollama does not validate the format of the digest (sha256 with 64 hex digits) in github.com/ollama/ollama
  from 0, < 0.1.34
• —Ollama does not validate the format of the digest (sha256 with 64 hex digits) in github.com/ollama/ollama
  from 0, < 0.1.34