References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Change History

https://github.com/EVerest/everest-core/commit/f73620c4c0f626e1097068a47e10cc27b369ad8e

https://github.com/EVerest/everest-core/releases/tag/2024.3.1

https://github.com/EVerest/everest-core/releases/tag/2024.6.0

https://github.com/EVerest/everest-core/security/advisories/GHSA-8g9q-7qr9-vc96

EVerest is an EV charging software stack. An integer overflow in the "v2g_incoming_v2gtp" function in the v2g_server.cpp implementation can allow a remote attacker to overflow the process' heap. This vulnerability is fixed in 2024.3.1 and 2024.6.0.

GitHub, Inc. AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

GitHub, Inc. CWE-122

GitHub, Inc. CWE-190

GitHub, Inc. https://github.com/EVerest/everest-core/commit/f73620c4c0f626e1097068a47e10cc27b369ad8e [No types assigned]

GitHub, Inc. https://github.com/EVerest/everest-core/releases/tag/2024.3.1 [No types assigned]

GitHub, Inc. https://github.com/EVerest/everest-core/releases/tag/2024.6.0 [No types assigned]

GitHub, Inc. https://github.com/EVerest/everest-core/security/advisories/GHSA-8g9q-7qr9-vc96 [No types assigned]