VYPR
High severity7.5NVD Advisory· Published Mar 20, 2025· Updated Apr 15, 2026

CVE-2024-8028

CVE-2024-8028

Description

A vulnerability in danswer-ai/danswer v0.3.94 allows an attacker to cause a Denial of Service (DoS) by uploading a file with a malformed multipart boundary. By appending a large number of characters to the end of the multipart boundary, the server continuously processes each character, rendering the application inaccessible. This issue can be exploited by sending a single crafted request, affecting all users on the server.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Danswer AI/Danswerinferred2 versions
    = 0.3.94+ 1 more
    • (no CPE)range: = 0.3.94
    • (no CPE)range: = 0.3.94

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.