Vulnerabilities
This page contains a summary of Common Vulnerabilities and Exposures (CVE) discovered and fixed in Apache Mynewt.
| CVE-ID | Description | Releases Affected | Release Fixed |
|---|---|---|---|
| CVE-2024-24746 | Loop with Unreachable Exit Condition | NimBLE through 1.6.0 | NimBLE 1.7.0 |
| CVE-2024-47248 | Buffer overflow in NimBLE MESH Bluetooth stack | NimBLE through 1.7.0 | NimBLE 1.8.0 |
| CVE-2024-47249 | Lack of input sanitization leading to out-of-bound reads in multiple advertisement handler | NimBLE through 1.7.0 | NimBLE 1.8.0 |
| CVE-2024-47250 | Lack of input validation in HCI advertising report could lead to potential out-of-bound access | NimBLE through 1.7.0 | NimBLE 1.8.0 |
| CVE-2024-51569 | Lack of input sanitization leading to out-of-bound reads in Number of Completed Packets HCI event handler | NimBLE through 1.7.0 | NimBLE 1.8.0 |