CVE-2025-1975 – Ollama Server Array Index Access Denial of Service Vulnerability

CVE ID : CVE-2025-1975

Published : May 16, 2025, 9:15 a.m. | 1 hour, 44 minutes ago

Description : A vulnerability in the Ollama server version 0.5.11 allows a malicious user to cause a Denial of Service (DoS) attack by customizing the manifest content and spoofing a service. This is due to improper validation of array index access when downloading a model via the /api/pull endpoint, which can lead to a server crash.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…