High severity7.5NVD Advisory· Published Mar 20, 2025· Updated Apr 15, 2026
CVE-2024-8028
CVE-2024-8028
Description
A vulnerability in danswer-ai/danswer v0.3.94 allows an attacker to cause a Denial of Service (DoS) by uploading a file with a malformed multipart boundary. By appending a large number of characters to the end of the multipart boundary, the server continuously processes each character, rendering the application inaccessible. This issue can be exploited by sending a single crafted request, affecting all users on the server.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2= 0.3.94+ 1 more
- (no CPE)range: = 0.3.94
- (no CPE)range: = 0.3.94
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.