CVE-2025-24026

MEDIUM Year: 2025
CVSS v3 Score
5.3
Medium
Weakness Type
CWE-1333
View all →

Vulnerability Description

iTop is an web based IT Service Management tool. Versions prior to 3.2.1 are vulnerable to regular expression denial of service (ReDoS) that may, under some circumstances, affect iTop server. Version 3.2.1 doesn't use the affected variable in the regular expression. As a workaround, if iTop app_root_url is defined in the configuration file, then there is no possible way to exploit this ReDoS.

Related Vulnerabilities

CVE-2017-20162

MEDIUM
CVSS:5.3(Medium)

A vulnerability, which was classified as problematic, has been found in vercel ms up to 1.x. This issue affects the function parse of the file index.js. The manipulation of the argument str leads to i...

CWE-13332017

CVE-2021-23362

MEDIUM
CVSS:5.3(Medium)

The package hosted-git-info before 3.0.8 are vulnerable to Regular Expression Denial of Service (ReDoS) via regular expression shortcutMatch in the fromUrl function in index.js. The affected regular e...

CWE-13332021

CVE-2021-23364

MEDIUM
CVSS:5.3(Medium)

The package browserslist from 4.0.0 and before 4.16.5 are vulnerable to Regular Expression Denial of Service (ReDoS) during parsing of queries.

CWE-13332021

CVE-2021-3765

MEDIUM
CVSS:5.3(Medium)

validator.js is vulnerable to Inefficient Regular Expression Complexity

CWE-13332021

CVE-2021-3820

MEDIUM
CVSS:5.3(Medium)

inflect is vulnerable to Inefficient Regular Expression Complexity

CWE-13332021

CVE-2021-3822

MEDIUM
CVSS:5.3(Medium)

jsoneditor is vulnerable to Inefficient Regular Expression Complexity

CWE-13332021