CNNVD-202601-3357 Information

CNNVD ID

CNNVD-202601-3357

Related CVE

CVE-2025-68138

• CNNVD Published: 2026-01-21

Description (Chinese)

libocpp是EVerest开源的一个开放式充电点协议。 libocpp 0.30.1之前版本存在安全漏洞，该漏洞源于strdup返回的指针未被释放，可能导致内存耗尽和拒绝服务。

Description (English)

libocpp is an open charging point protocol for the EVerest open source. There was a security loophole in the pre-libocpp 0.30.1 version, which stemmed from the fact that the pointers returned by Strdup had not been released, which could lead to depletion of memory and denial of services.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

EVerest

Published

2026-01-21

Last Modified

2026-02-24

References

https://github.com/EVerest/libocpp/blob/89c7b62ec899db637f43b54f19af2c4af30cfa66/lib/ocpp/common/websocket/websocket_libwebsockets.cpp https://github.com/EVerest/everest-core/security/advisories/GHSA-f8c2-44c3-7v55 https://access.redhat.com/security/cve/cve-2025-68138

Patch

https://github.com/EVerest/libocpp/releases