exploitDog

GHSA-357m-v762-qj4c

Опубликовано: 11 фев. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 6.9

CVSS3: 6.2

Описание

A vulnerability has been identified in OpenV2G (All versions < V0.9.6). The OpenV2G EXI parsing feature is missing a length check when parsing X509 serial numbers. Thus, an attacker could introduce a buffer overflow that leads to memory corruption.

A vulnerability has been identified in OpenV2G (All versions < V0.9.6). The OpenV2G EXI parsing feature is missing a length check when parsing X509 serial numbers. Thus, an attacker could introduce a buffer overflow that leads to memory corruption.

Ссылки

EPSS

Процентиль: 33%

0.00134

Низкий

6.9 Medium

CVSS4

6.2 Medium

CVSS3

CVE ID

Дефекты

CWE-120

Связанные уязвимости

CVE-2025-24956

CVSS3: 6.2

nvd

12 месяцев назад

A vulnerability has been identified in OpenV2G (All versions < V0.9.6). The OpenV2G EXI parsing feature is missing a length check when parsing X509 serial numbers. Thus, an attacker could introduce a buffer overflow that leads to memory corruption.

EPSS

Процентиль: 33%

0.00134

Низкий

6.9 Medium

CVSS4

6.2 Medium

CVSS3

CVE ID

Дефекты

CWE-120