GHSA-2237-5r9w-vm8j: Connect-CMS information that is restricted to viewing is visible

GHSA-5rjc-jc28-cwgg: Connect-CMS Access control vulnerability

GHSA-432c-wxpg-m4q3: xml2rfc has file inclusion irregularities

GHSA-vj7w-3m8c-6vpx: SFTPGo has insufficient sanitization of user provided rsync command

GHSA-vr5f-php7-rg24: Pimcore Admin Classic Bundle allows user enumeration

Ollama before 0.1.29 has a DNS rebinding vulnerability that can inadvertently allow remote access to the full API, thereby letting an unauthorized user chat with a large language model, delete a model, or cause a denial of service (resource exhaustion).

**Ollama DNS rebinding vulnerability**

High severity GitHub Reviewed Published Apr 8, 2024 to the GitHub Advisory Database • Updated Apr 8, 2024

Headline

GHSA-5jx5-hqx5-2vrj: Ollama DNS rebinding vulnerability

ghsa: Latest News