CVE-2024-37310

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-37310

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-37310.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-37310

Related

GHSA-8g9q-7qr9-vc96

Published

2024-07-10T20:15:03Z

Modified

2025-05-28T10:39:43.181337Z

Summary

[none]

Details

EVerest is an EV charging software stack. An integer overflow in the "v2gincomingv2gtp" function in the v2g_server.cpp implementation can allow a remote attacker to overflow the process' heap. This vulnerability is fixed in 2024.3.1 and 2024.6.0.

References

Affected packages

Git / github.com/everest/everest-core

Affected ranges

Type: GIT
Repo: https://github.com/everest/everest-core
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

48de33ac9ab5388b7223da60996797f8f7c9e8ed

Fixed

48de33ac9ab5388b7223da60996797f8f7c9e8ed

Fixed

e9d8f3912d9e834823c8ce6776148a8490a29f54

Fixed

e9d8f3912d9e834823c8ce6776148a8490a29f54

Fixed

f73620c4c0f626e1097068a47e10cc27b369ad8e

Fixed

f73620c4c0f626e1097068a47e10cc27b369ad8e

Affected versions

2022.*

2022.12.0

2022.12.1

2023.*

2023.1.0

2023.10.0

2023.12.0

2023.2.0

2023.2.1

2023.3.0

2023.5.0

2023.6.0

2023.7.0

2023.8.0

2023.9.0

2023.9.1

2024.*

2024.1.0

2024.2.0

2024.3.0

2024.3.0-rc1

2024.3.0-rc2

2024.4.0

2024.5.0

2024.6.0-rc1

2024.6.0-rc2

2024.6.0-rc3