Vulnerabilities > Ollama > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-20 | CVE-2024-12055 | Out-of-bounds Read vulnerability in Ollama A vulnerability in Ollama versions <=0.3.14 allows a malicious user to create a customized gguf model file that can be uploaded to the public Ollama server. | 7.5 |
| 2025-03-20 | CVE-2024-8063 | Divide By Zero vulnerability in Ollama 0.3.3 A divide by zero vulnerability exists in ollama/ollama version v0.3.3. | 7.5 |
| 2025-03-20 | CVE-2025-0312 | NULL Pointer Dereference vulnerability in Ollama A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to create a customized GGUF model file that, when uploaded and created on the Ollama server, can cause a crash due to an unchecked null pointer dereference. | 7.5 |
| 2025-03-20 | CVE-2025-0313 | Improper Validation of Array Index vulnerability in Ollama A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to create a GGUF model that can cause a denial of service (DoS) attack. | 7.5 |
| 2025-03-20 | CVE-2025-0315 | Allocation of Resources Without Limits or Throttling vulnerability in Ollama A vulnerability in ollama/ollama <=0.3.14 allows a malicious user to create a customized GGUF model file, upload it to the Ollama server, and create it. | 7.5 |
| 2025-03-20 | CVE-2025-0317 | Divide By Zero vulnerability in Ollama A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to upload and create a customized GGUF model file on the Ollama server. | 7.5 |
| 2024-08-29 | CVE-2024-45436 | Path Traversal vulnerability in Ollama extractFromZipFile in model.go in Ollama before 0.1.47 can extract members of a ZIP archive outside of the parent directory. | 7.5 |