CVE-2025-44779
An issue in Ollama v0.1.33 allows attackers to delete arbitrary files via sending a crafted packet to the endpoint /api/pull.
| Software | From | Fixed in |
|---|---|---|
github.com/ollama/ollama
|
- | 0.1.34 |
| ollama / ollama | 0.1.33 | 0.1.33.x |
- https://a1batr0ss.top/2025/03/17/Ollama-arbitrary-file-deletion-vulnerability
- https://a1batr0ss.top/2025/03/17/Ollama-arbitrary-file-deletion-vulnerability/
- https://a1batr0ss.top/2025/08/06/CVE-2025-44779-Ollama-arbitrary-file-deletion
- https://a1batr0ss.top/2025/08/06/CVE-2025-44779-Ollama-arbitrary-file-deletion/
- https://github.com/ollama/ollama
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime