Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Allocation of Resources Without Limits or Throttling in ollama/ollama
Vulnerability Description
A vulnerability in ollama/ollama <=0.3.14 allows a malicious user to create a customized GGUF model file, upload it to the Ollama server, and create it. This can cause the server to allocate unlimited memory, leading to a Denial of Service (DoS) attack.
CVSS Information
N/A
Vulnerability Type
不加限制或调节的资源分配
Vulnerability Title
Ollama 安全漏洞
Vulnerability Description
Ollama是Ollama开源的一个可以在本地启动并运行的大型语言模型。 Ollama 0.3.14及之前版本存在安全漏洞,该漏洞源于上传自定义GGUF模型文件可能导致服务器分配无限内存,从而导致拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A