Denial of Service Vulnerability in Ollama Server by Ollama
CVE-2025-1975
7.5HIGH
What is CVE-2025-1975?
A vulnerability identified in the Ollama Server version 0.5.11 allows an attacker to execute a Denial of Service (DoS) attack. This is achieved by manipulating the manifest content to spoof a service, resulting in improper validation of array index access when models are downloaded through the /api/pull endpoint. Such exploitation may lead to a server crash, compromising its availability and impacting users.
Affected Version(s)
ollama/ollama <= unspecified