EVerest/libocpp

EVerest/libocpp

Releases61

Frequency2 weeks 4 days

Last Release 6 months ago

Stars148

C++ implementation of the Open Charge Point Protocol

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-68138 ↗	Jan 21, 2026Wednesday, 21 January 2026, 20:16	4.7 MEDIUM	—
EVerest is an EV charging software stack, and EVerest libocpp is a C++ implementation of the Open Charge Point Protocol. In libocpp prior to version 0.30.1, pointers returned by the `strdup` calls are never freed. At each connection attempt, the newly allocated memory area will be leaked, potentially causing memory exhaustion and denial of service. Version 0.30.1 fixes the issue.
CVE-2025-59398 ↗	Sep 15, 2025Monday, 15 September 2025, 19:15	3.1 LOW	—
The OCPP implementation in libocpp before 0.26.2 allows a denial of service (EVerest crash) via JSON input larger than 255 characters, because a CiString<255> object is created with StringTooLarge set to Throw.
CVE-2025-59399 ↗	Sep 15, 2025Monday, 15 September 2025, 19:15	3.1 LOW	—
libocpp before 0.28.0 allows a denial of service (EVerest crash) because a secondary exception is thrown during error message generation.