
Cloud Vulnerability DB
A community-led vulnerabilities database
An issue in Ollama v0.1.33 allows attackers to delete arbitrary files by sending a crafted packet to the /api/pull endpoint. The vulnerability was discovered in March 2025 and was assigned CVE-2025-44779. The affected software is Ollama, a lightweight platform designed to run and manage large language models locally on personal machines (Ollama Blog).
The vulnerability exists in the file handling mechanism of Ollama's /api/pull endpoint. When pulling images, if a file already exists at the path where a digest is to be saved, the file is treated as having a mismatched digest value and is therefore deleted. The vulnerability has been assigned a CVSS v3.1 Base Score of 6.6 (MEDIUM) with vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H. The weakness types associated with this vulnerability are CWE-20 (Improper Input Validation) and CWE-552 (Files or Directories Accessible to External Parties) (NVD).
The vulnerability allows attackers to delete arbitrary files on the system by sending specially crafted packets to the /api/pull endpoint. This can lead to data loss and potential system disruption. The CVSS scoring indicates high impact on availability (A:H) with lower impacts on confidentiality (C:L) and integrity (I:L) (NVD).
The vulnerability has been fixed in Ollama version 0.1.34. Users are advised to upgrade to this version or later to mitigate the risk (Ollama Blog).
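The delete-on-mismatch behaviour described above is only safe when the path derived from a digest cannot leave the blob store. The following is an added example, not Ollama's code or its actual fix, showing one way to validate a digest before any file is removed. `BlobPath`, `RemoveMismatched`, the `sha256-<hex>` file naming and the example directory are hypothetical, and it assumes the digest can be influenced by the request.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"regexp"
	"strings"
)

var (
	// Only "sha256:" plus exactly 64 lowercase hex characters is a digest.
	digestRe        = regexp.MustCompile(`^sha256:[0-9a-f]{64}$`)
	ErrBadDigest    = errors.New("digest is not sha256:<64 hex>")
	ErrOutsideStore = errors.New("blob path resolves outside the blob directory")
)

// BlobPath (hypothetical helper; the sha256-<hex> file name is an assumption).
func BlobPath(blobDir, digest string) (string, error) {
	if !digestRe.MatchString(digest) {
		return "", ErrBadDigest
	}
	name := strings.Replace(digest, ":", "-", 1)
	p := filepath.Join(blobDir, name)
	// Defense in depth: the joined path must be a direct child of blobDir.
	if rel, err := filepath.Rel(blobDir, p); err != nil || rel != name {
		return "", ErrOutsideStore
	}
	return p, nil
}

// RemoveMismatched (hypothetical) deletes a stale blob only after validation.
func RemoveMismatched(blobDir, digest string) error {
	p, err := BlobPath(blobDir, digest)
	if err != nil {
		return err
	}
	if err := os.Remove(p); err != nil && !errors.Is(err, os.ErrNotExist) {
		return err
	}
	return nil
}

func main() {
	p, err := BlobPath("/var/lib/example/blobs", "sha256:../outside") // constructed input
	fmt.Printf("%q, err=%v\n", p, err)
}
```

The malformed value is rejected before a path is built, so no delete is ever attempted outside the store.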
Source: This report was generated using AI