Security Advisory

CVE-2024-28224

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-04-08 00:00:00

Last updated 2025-03-26 20:00:51

Assigner mitre

State PUBLISHED

Description

Ollama before 0.1.29 has a DNS rebinding vulnerability that can inadvertently allow remote access to the full API, thereby letting an unauthorized user chat with a large language model, delete a model, or cause a denial of service (resource exhaustion).

← Browse all CVEs View on cve.org ↗