CVE-2025-51471

medium

Description

Cross-Domain Token Exposure in server.auth.getAuthorizationToken in Ollama 0.6.7 allows remote attackers to steal authentication tokens and bypass access controls via a malicious realm value in a WWW-Authenticate header returned by the /api/pull endpoint.

References

https://www.gecko.security/blog/cve-2025-51471

https://github.com/ollama/ollama/pull/10750

https://github.com/ollama/ollama

Details

Source: Mitre, NVD

Published: 2025-07-22

Updated: 2025-07-25

Risk Information

CVSS v2

Base Score: 6.1

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.9

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N

Severity: Medium

EPSS

EPSS: 0.00023