{"id":"PYSEC-2025-147","details":"Cross-Domain Token Exposure in server.auth.getAuthorizationToken in Ollama 0.6.7 allows remote attackers to steal authentication tokens and bypass access controls via a malicious realm value in a WWW-Authenticate header returned by the /api/pull endpoint.","aliases":["CVE-2025-51471","GHSA-x9hg-5q6g-q3jr","GO-2025-3824"],"modified":"2026-06-10T12:00:05.508552417Z","published":"2025-07-22T19:15:25.403Z","withdrawn":"2026-06-10T11:00:00Z","references":[{"type":"WEB","url":"https://huntr.com/bounties/94eea285-fd65-4e01-a035-f533575ebdc2"},{"type":"REPORT","url":"https://github.com/ollama/ollama/pull/10750"},{"type":"PACKAGE","url":"https://github.com/ollama/ollama"},{"type":"EVIDENCE","url":"https://www.gecko.security/blog/cve-2025-51471"}],"affected":[{"package":{"name":"ollama","ecosystem":"PyPI","purl":"pkg:pypi/ollama"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"last_affected":"0.6.7-NA"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/ollama/PYSEC-2025-147.yaml"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N"}]}