CVE-2023-52096

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-52096

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-52096.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-52096

Published

2023-12-26T23:15:07Z

Modified

2025-10-21T13:34:31.059601Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

SteVe Community ocpp-jaxb before 0.0.8 generates invalid timestamps such as ones with month 00 in certain situations (such as when an application receives a StartTransaction Open Charge Point Protocol message with a timestamp parameter of 1000000). This may lead to a SQL exception in applications, and may undermine the integrity of transaction records.

References

Affected packages

Git / github.com/steve-community/ocpp-jaxb

Affected ranges

Type: GIT
Repo: https://github.com/steve-community/ocpp-jaxb
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

e313432373e27175f6e1ddeb6cc837bfc3e79456

Affected versions

0.*

0.0.1

0.0.2

0.0.3

0.0.4

0.0.5

0.0.6

0.0.7