Libocpp
by Everest
Source repositories
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-59399 | Low | 0.13 | 3.1 | 0.00 | Sep 15, 2025 | libocpp before 0.28.0 allows a denial of service (EVerest crash) because a secondary exception is thrown during error message generation. | ||
| CVE-2025-59398 | Low | 0.13 | 3.1 | 0.00 | Sep 15, 2025 | The OCPP implementation in libocpp before 0.26.2 allows a denial of service (EVerest crash) via JSON input larger than 255 characters, because a CiString<255> object is created with StringTooLarge set to Throw. | ||
| CVE-2025-68138 | 0.00 | — | 0.00 | Jan 21, 2026 | EVerest is an EV charging software stack, and EVerest libocpp is a C++ implementation of the Open Charge Point Protocol. In libocpp prior to version 0.30.1, pointers returned by the `strdup` calls are never freed. At each connection attempt, the newly allocated memory area will… |
- risk 0.13cvss 3.1epss 0.00
libocpp before 0.28.0 allows a denial of service (EVerest crash) because a secondary exception is thrown during error message generation.
- risk 0.13cvss 3.1epss 0.00
The OCPP implementation in libocpp before 0.26.2 allows a denial of service (EVerest crash) via JSON input larger than 255 characters, because a CiString<255> object is created with StringTooLarge set to Throw.
- CVE-2025-68138Jan 21, 2026risk 0.00cvss —epss 0.00
EVerest is an EV charging software stack, and EVerest libocpp is a C++ implementation of the Open Charge Point Protocol. In libocpp prior to version 0.30.1, pointers returned by the `strdup` calls are never freed. At each connection attempt, the newly allocated memory area will…