PT-2025-12193 · Answer · Answer

Published: 2025-03-20 · Updated: 2025-03-22 · CVE-2024-7779

CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: danswer-ai/danswer version 1

Description: A vulnerability allows an attacker to perform a Regular Expression Denial of Service (ReDoS) by manipulating regular expressions. This can significantly slow down the application's response time and potentially render it completely unusable.

Recommendations: For danswer-ai/danswer version 1, consider restricting the use of regular expressions to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using complex regular expressions in the application to prevent significant slowdowns or complete unavailability.

Fix

DoS

Resource Exhaustion


Weakness Enumeration

Related identifiers

CVE-2024-7779

Affected products

Answer