Ollama · Ollama · CVE-2025-44779
**Name of the Vulnerable Software and Affected Versions**
Ollama version 0.1.33
**Description**
An issue allows attackers to delete arbitrary files by sending a crafted packet to the `/api/pull` endpoint.
**Recommendations**
Update to a newer version that contains a fix for this issue. As a temporary workaround, restrict access to the `/api/pull` endpoint.