Home

Description

A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to create a customized GGUF model file that, when uploaded and created on the Ollama server, can cause a crash due to an unchecked null pointer dereference. This can lead to a Denial of Service (DoS) attack via remote network.

PUBLISHED Reserved 2025-01-07 | Published 2025-03-20 | Updated 2025-03-20 | Assigner @huntr_ai




HIGH: 7.5CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Problem types

CWE-476 NULL Pointer Dereference

Product status

Any version
affected

References

huntr.com/bounties/522c87b6-a7ac-41b2-84f3-62fd58921f21

cve.org (CVE-2025-0312)

nvd.nist.gov (CVE-2025-0312)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.