CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0CVE-2025-24956
https://notcve.org/view.php?id=CVE-2025-24956
11 Feb 2025 — A vulnerability has been identified in OpenV2G (All versions < V0.9.6). The OpenV2G EXI parsing feature is missing a length check when parsing X509 serial numbers. Thus, an attacker could introduce a buffer overflow that leads to memory corruption. • https://cert-portal.siemens.com/productcert/html/ssa-647005.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-27242
https://notcve.org/view.php?id=CVE-2022-27242
10 May 2022 — A vulnerability has been identified in OpenV2G (V0.9.4). The OpenV2G EXI parsing feature is missing a length check when parsing X509 serial numbers. Thus, an attacker could introduce a buffer overflow that leads to memory corruption. Se ha identificado una vulnerabilidad en OpenV2G (versión V0.9.4). La función de análisis EXI de OpenV2G carece de una comprobación de longitud cuando analiza los números de serie X509. • https://cert-portal.siemens.com/productcert/pdf/ssa-736385.pdf • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •