Google Git
Sign in
go / vulndb / cd63f220cb523a9050edf6baeb84e795c45b5f3c^! / .
commitcd63f220cb523a9050edf6baeb84e795c45b5f3c[log] [tgz]
authorNeal Patel <nealpatel@google.com>Tue May 20 12:55:17 2025 -0400
committerGopher Robot <gobot@golang.org>Thu May 22 09:50:31 2025 -0700
tree7861e2952ba306cf7939deea61a977d199f76709
parent82d2a30dbf053d03490d959b9017865bec5199ae [diff]
data/reports: add GO-2025-3695

  - data/reports/GO-2025-3695.yaml

Updates golang/vulndb#3695

Change-Id: Iad4306acd112da47fa4a6bd68f6a00c70f7ae914
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/674495
Reviewed-by: Damien Neil <dneil@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Neal Patel <nealpatel@google.com>

diff --git a/data/osv/GO-2025-3695.json b/data/osv/GO-2025-3695.json
new file mode 100644
index 0000000..9e01521
--- /dev/null
+++ b/data/osv/GO-2025-3695.json

@@ -0,0 +1,45 @@
+{
+  "schema_version": "1.3.1",
+  "id": "GO-2025-3695",
+  "modified": "0001-01-01T00:00:00Z",
+  "published": "0001-01-01T00:00:00Z",
+  "aliases": [
+    "CVE-2025-1975",
+    "GHSA-wrh5-cmwx-q2qr"
+  ],
+  "summary": "Ollama Server Vulnerable to Denial of Service (DoS) Attack in github.com/ollama/ollama",
+  "details": "Ollama Server Vulnerable to Denial of Service (DoS) Attack in github.com/ollama/ollama",
+  "affected": [
+    {
+      "package": {
+        "name": "github.com/ollama/ollama",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "0"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {}
+    }
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://github.com/advisories/GHSA-wrh5-cmwx-q2qr"
+    },
+    {
+      "type": "WEB",
+      "url": "https://huntr.com/bounties/921ba5d4-f1d0-4c66-9764-4f72dffe7acd"
+    }
+  ],
+  "database_specific": {
+    "url": "https://pkg.go.dev/vuln/GO-2025-3695",
+    "review_status": "REVIEWED"
+  }
+}
\ No newline at end of file

diff --git a/data/reports/GO-2025-3695.yaml b/data/reports/GO-2025-3695.yaml
new file mode 100644
index 0000000..0c55b06
--- /dev/null
+++ b/data/reports/GO-2025-3695.yaml

@@ -0,0 +1,20 @@
+id: GO-2025-3695
+modules:
+    - module: github.com/ollama/ollama
+      vulnerable_at: 0.5.11
+summary: |-
+    Ollama Server Vulnerable to Denial of Service (DoS) Attack in
+    github.com/ollama/ollama
+cves:
+    - CVE-2025-1975
+ghsas:
+    - GHSA-wrh5-cmwx-q2qr
+references:
+    - advisory: https://github.com/advisories/GHSA-wrh5-cmwx-q2qr
+    - web: https://huntr.com/bounties/921ba5d4-f1d0-4c66-9764-4f72dffe7acd
+notes:
+    - No patched version specified.
+source:
+    id: GHSA-wrh5-cmwx-q2qr
+    created: 2025-05-20T12:53:44.012879-04:00
+review_status: REVIEWED