CNNVD-202509-2004 Information
CNNVD ID
CNNVD-202509-2004
Related CVE
- CNNVD Published: 2025-09-15
Description (Chinese)
libocpp是EVerest开源的一个开放式充电点协议。 libocpp 0.26.2之前版本存在安全漏洞,该漏洞源于处理超过255字符的JSON输入时创建CiString<255>对象导致崩溃,可能导致拒绝服务。
Description (English)
libocpp is an open charging point protocol for the EVerest open source. There was a security loophole in the pre-libocpp 0.26.2 version, which resulted from the collapse of the Cistring <255 > object when it was created to process JSON input of more than 255 characters, which could lead to the denial of service.
Hazard Level
Critical
Vulnerability Type
其他
Affected Vendor
EVerest
Published
2025-09-15
Last Modified
2026-02-24
References
https://github.com/EVerest/everest-core/commit/253432ae7458ad0445f68f9d716086090c2be49c https://github.com/EVerest/libocpp/commit/fb391b4ff16a0a07150e5a8eebf0856fb6623cbe https://github.com/EVerest/everest-core/issues/1152 https://github.com/EVerest/libocpp/compare/v0.26.1…v0.26.2 https://github.com/EVerest/libocpp/pull/1052 https://access.redhat.com/security/cve/cve-2025-59398
Patch
https://github.com/EVerest/libocpp/releases
Share on: