cvedb.io
CVE-2024-43789
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2024-10-07T21:15:16.710 · Last modified 2026-06-17T07:51:43.087

Summary

Discourse is an open source platform for community discussion. A user can create a post with many replies, and then attempt to fetch them all at once. This can potentially reduce the availability of a Discourse instance. This problem has been patched in the latest version of Discourse. All users area are advised to upgrade. There are no known workarounds for this vulnerability.

Affected products

discourse — discourse

Does this affect you?

Add your gear to cvedb and we'll alert you only when discourse ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.