{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T09:08:43.541","vulnerabilities":[{"cve":{"id":"CVE-2025-24026","sourceIdentifier":"security-advisories@github.com","published":"2025-05-14T15:15:56.440","lastModified":"2025-08-01T18:39:05.150","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"iTop is an web based IT Service Management tool. Versions prior to 3.2.1 are vulnerable to regular expression denial of service (ReDoS) that may, under some circumstances, affect iTop server. Version 3.2.1 doesn't use the affected variable in the regular expression. As a workaround, if iTop app_root_url is defined in the configuration file, then there is no possible way to exploit this ReDoS."},{"lang":"es","value":"iTop es una herramienta web de gestión de servicios de TI. Las versiones anteriores a la 3.2.1 son vulnerables a la denegación de servicio por expresión regular (ReDoS), que, en determinadas circunstancias, puede afectar al servidor iTop. La versión 3.2.1 no utiliza la variable afectada en la expresión regular. Como workaround, si iTop app_root_url está definido en el archivo de configuración, no es posible explotar este ReDoS."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":3.6}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-1333"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:*","versionEndExcluding":"3.2.1","matchCriteriaId":"BF8B6F29-FD69-4F2C-8A50-7A32FC0FDCE0"}]}]}],"references":[{"url":"https://github.com/Combodo/iTop/security/advisories/GHSA-9g7f-jmc3-rrmf","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}}]}