VYPR

apk package

chainguard/ollama-fips

pkg:apk/chainguard/ollama-fips

Vulnerabilities (45)

  • CVE-2024-8063Mar 20, 2025
    affected < 0fixed 0

    A divide by zero vulnerability exists in ollama/ollama version v0.3.3. The vulnerability occurs when importing GGUF models with a crafted type for `block_count` in the Modelfile. This can lead to a denial of service (DoS) condition when the server processes the model, causing it

  • CVE-2025-0312Mar 20, 2025
    affected < 0fixed 0

    A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to create a customized GGUF model file that, when uploaded and created on the Ollama server, can cause a crash due to an unchecked null pointer dereference. This can lead to a Denial of Service (DoS) attac

  • CVE-2025-0317Mar 20, 2025
    affected < 0fixed 0

    A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to upload and create a customized GGUF model file on the Ollama server. This can lead to a division by zero error in the ggufPadding function, causing the server to crash and resulting in a Denial of Servi

  • CVE-2025-0315Mar 20, 2025
    affected < 0fixed 0

    A vulnerability in ollama/ollama <=0.3.14 allows a malicious user to create a customized GGUF model file, upload it to the Ollama server, and create it. This can cause the server to allocate unlimited memory, leading to a Denial of Service (DoS) attack.

  • CVE-2024-12055Mar 20, 2025
    affected < 0fixed 0

    A vulnerability in Ollama versions <=0.3.14 allows a malicious user to create a customized gguf model file that can be uploaded to the public Ollama server. When the server processes this malicious model, it crashes, leading to a Denial of Service (DoS) attack. The root cause of

Page 3 of 3