CVE-2025-0313 Information

Description

A vulnerability in ollama/ollama versions <=0.3.14 allows a malicious user to create a GGUF model that can cause a denial of service (DoS) attack. The vulnerability is due to improper validation of array index bounds in the GGUF model handling code which can be exploited via a remote network.

Reference

https://huntr.com/bounties/450c90f9-bc02-4560-afd4-d0aa057ac82c https://huntr.com/bounties/450c90f9-bc02-4560-afd4-d0aa057ac82c