{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T15:03:02.692","vulnerabilities":[{"cve":{"id":"CVE-2024-49734","sourceIdentifier":"security@android.com","published":"2025-01-21T23:15:14.307","lastModified":"2025-04-22T14:39:15.560","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In multiple functions of ConnectivityService.java, there is a possible way for a Wi-Fi AP to determine what site a device has connected to through a VPN due to side channel information disclosure. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."},{"lang":"es","value":"En varias funciones de ConnectivityService.java, existe una forma posible para que un punto de acceso Wi-Fi determine a qué sitio se ha conectado un dispositivo a través de una VPN debido a la divulgación de información del canal lateral. Esto podría generar una divulgación de información remota sin necesidad de privilegios de ejecución adicionales. No se necesita la interacción del usuario para la explotación."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*","matchCriteriaId":"2700BCC5-634D-4EC6-AB67-5B678D5F951D"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:15.0:*:*:*:*:*:*:*","matchCriteriaId":"8538774C-906D-4B03-A3E7-FA7A55E0DA9E"}]}]}],"references":[{"url":"https://source.android.com/security/bulletin/2025-01-01","source":"security@android.com","tags":["Vendor Advisory"]}]}}]}