PT-2026-3851 · Everest · Libocpp
Published
2026-01-21
·
Updated
2026-01-21
·
CVE-2025-68138
CVSS v3.1
4.7
Medium
| Vector | AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
EVerest libocpp versions prior to 0.30.1
Description
EVerest libocpp is a C++ implementation of the Open Charge Point Protocol. In versions prior to 0.30.1, memory allocated using
strdup is not freed. This results in a memory leak with each connection attempt, potentially leading to memory exhaustion and denial of service.Recommendations
Update to version 0.30.1 or later.
Exploit
Fix
Allocation of Resources Without Limits
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Libocpp