Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper Validation of Array Index in ollama/ollama
Vulnerability Description
A vulnerability in the Ollama server version 0.5.11 allows a malicious user to cause a Denial of Service (DoS) attack by customizing the manifest content and spoofing a service. This is due to improper validation of array index access when downloading a model via the /api/pull endpoint, which can lead to a server crash.
CVSS Information
N/A
Vulnerability Type
对数组索引的验证不恰当
Vulnerability Title
Ollama 输入验证错误漏洞
Vulnerability Description
Ollama是Ollama开源的一个可以在本地启动并运行的大型语言模型。 Ollama 0.5.11版本存在输入验证错误漏洞,该漏洞源于数组索引访问验证不足,可能导致拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A