Ollama does not validate the format of the digest (sha256 with 64 hex digits) in github.com/ollama/ollama
CPE | Name | Operator | Version |
---|---|---|---|
github.com/ollama/ollama | lt | 0.1.34 |
github.com/advisories/GHSA-8hqg-whrw-pv92
github.com/ollama/ollama/blob/adeb40eaf29039b8964425f69a9315f9f1694ba8/server/modelpath_test.go#L41-L58
github.com/ollama/ollama/commit/2a21363bb756a7341d3d577f098583865bd7603f
github.com/ollama/ollama/compare/v0.1.33...v0.1.34
github.com/ollama/ollama/pull/4175
nvd.nist.gov/vuln/detail/CVE-2024-37032