{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-14T02:01:49.738","vulnerabilities":[{"cve":{"id":"CVE-2024-47249","sourceIdentifier":"security@apache.org","published":"2024-11-26T12:15:19.123","lastModified":"2025-07-08T14:17:12.870","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Validation of Array Index vulnerability in Apache NimBLE.\n\nLack of input validation for HCI events from controller could result in out-of-bound memory corruption and crash.\nThis issue requires broken or bogus Bluetooth controller and thus severity is considered low.\nThis issue affects Apache NimBLE: through 1.7.0.\n\nUsers are recommended to upgrade to version 1.8.0, which fixes the issue."},{"lang":"es","value":"Vulnerabilidad de validación incorrecta del índice de matriz en Apache NimBLE. La falta de validación de entrada para eventos HCI del controlador podría provocar una corrupción de la memoria fuera de los límites y un bloqueo. Este problema requiere un controlador Bluetooth dañado o falso y, por lo tanto, se considera de baja gravedad. Este problema afecta a Apache NimBLE: hasta la versión 1.7.0. Se recomienda a los usuarios que actualicen a la versión 1.8.0, que soluciona el problema."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":5.0,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.6,"impactScore":3.4}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-129"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:nimble:*:*:*:*:*:*:*:*","versionEndExcluding":"1.8.0","matchCriteriaId":"71BB8957-7DC2-4E02-B560-1526E9758F46"}]}]}],"references":[{"url":"https://github.com/apache/mynewt-nimble/commit/f39330866a85fa4de49246e9d21334bc8d14f0a1","source":"security@apache.org","tags":["Patch"]},{"url":"https://lists.apache.org/thread/7ckxw6481dp68ons627pjcb27c75n0mq","source":"security@apache.org","tags":["Mailing List","Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2024/11/26/3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Vendor Advisory"]}]}}]}