{"id":"CVE-2025-59399","details":"libocpp before 0.28.0 allows a denial of service (EVerest crash) because a secondary exception is thrown during error message generation.","modified":"2026-04-12T18:47:04.442941Z","published":"2025-09-15T19:15:36.307Z","references":[{"type":"WEB","url":"https://github.com/EVerest/libocpp/compare/v0.27.1...v0.28.0"},{"type":"FIX","url":"https://github.com/EVerest/libocpp/commit/0b84d7f9fb3c338d470770f220a7b7f21db78878"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/EVerest/libocpp","events":[{"introduced":"0"},{"fixed":"1d2ce8db1b699f13fe73c17e71d2f25f7b68da32"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"0.28.0"}]}},{"type":"GIT","repo":"https://github.com/everest/libocpp","events":[{"introduced":"0"},{"fixed":"0b84d7f9fb3c338d470770f220a7b7f21db78878"}]}],"versions":["v0.1.0","v0.10.0","v0.11.0","v0.12.0","v0.13.0","v0.13.1","v0.14.0","v0.15.0","v0.15.1","v0.16.0","v0.16.1","v0.16.2","v0.17.0","v0.17.1","v0.17.2","v0.18.0","v0.19.0","v0.2.0","v0.20.0","v0.21.0","v0.22.0","v0.23.0","v0.24.1","v0.24.2","v0.25.0","v0.26.0","v0.26.1","v0.26.2","v0.26.3","v0.27.0","v0.27.1","v0.3.0","v0.4.0","v0.4.1","v0.5.0","v0.5.1","v0.5.2","v0.6.1","v0.7.0","v0.8.0","v0.8.1","v0.8.5","v0.8.6","v0.8.7","v0.9.3","v0.9.4","v0.9.5","v0.9.6","v0.9.7","v0.9.8"],"database_specific":{"vanir_signatures":[{"signature_version":"v1","source":"https://github.com/everest/libocpp/commit/0b84d7f9fb3c338d470770f220a7b7f21db78878","id":"CVE-2025-59399-46b7232d","digest":{"line_hashes":["209766885764611737436061403239945851995","204607136026051847477249598771079154876","44497115711603872977858537783534423145","223698307619159020692220161236927047827"],"threshold":0.9},"deprecated":false,"target":{"file":"lib/ocpp/v16/charge_point_impl.cpp"},"signature_type":"Line"},{"signature_version":"v1","source":"https://github.com/EVerest/libocpp/commit/1d2ce8db1b699f13fe73c17e71d2f25f7b68da32","id":"CVE-2025-59399-5ff4d225","digest":{"function_hash":"255967477608398380744279461039020423285","length":699},"deprecated":false,"target":{"file":"lib/ocpp/v16/charge_point_configuration.cpp","function":"ChargePointConfiguration::getTariffMessageWithDefaultPriceTextOffline"},"signature_type":"Function"},{"signature_version":"v1","source":"https://github.com/everest/libocpp/commit/0b84d7f9fb3c338d470770f220a7b7f21db78878","id":"CVE-2025-59399-60cde900","digest":{"line_hashes":["25299234459406031840467776679802719044","315094674306320564597409304336019623839","202270899290576842256687279282073161545","220080872456833072388885539846130812774","74478917301716849278263463923932173945","119640511448671455571851835210788760523","189603367973680004910531522292522279197","329914649163498463201405919058363773259","44080981853222821786728701797325728186","204151417930325884373647217420963107175","112366757567264701845825871729671194369","113682744450741709582099387594592368450","202270899290576842256687279282073161545","220080872456833072388885539846130812774"],"threshold":0.9},"deprecated":false,"target":{"file":"lib/ocpp/v2/charge_point.cpp"},"signature_type":"Line"},{"signature_version":"v1","source":"https://github.com/everest/libocpp/commit/0b84d7f9fb3c338d470770f220a7b7f21db78878","id":"CVE-2025-59399-8e7f5a9b","digest":{"function_hash":"309955338134842391307232244633507256553","length":8891},"deprecated":false,"target":{"file":"lib/ocpp/v2/charge_point.cpp","function":"ChargePoint::message_callback"},"signature_type":"Function"},{"signature_version":"v1","source":"https://github.com/EVerest/libocpp/commit/1d2ce8db1b699f13fe73c17e71d2f25f7b68da32","id":"CVE-2025-59399-932c0436","digest":{"line_hashes":["117609174322161062841287260157576282117","190745477746767717033008519451010911765","277784851957319770191513190138071568042","228041008810102927538824002122205330892","71100662453242256600152162041264277848","94592947900199691752636238547298653511","100301717309852473317382620462698210364","316218814488934216851838811806881082775","58878302711084570146201100477003987888","193533157013124055071253672562619998920","271921232576175074811355041028146284480"],"threshold":0.9},"deprecated":false,"target":{"file":"lib/ocpp/v16/charge_point_impl.cpp"},"signature_type":"Line"},{"signature_version":"v1","source":"https://github.com/EVerest/libocpp/commit/1d2ce8db1b699f13fe73c17e71d2f25f7b68da32","id":"CVE-2025-59399-9725dd05","digest":{"line_hashes":["49514280794240483717640960373824915964","239934390293254344980836655913844233728","299754318446561888144560132180567577519","57172951299256230513980302010431010311","290401828999704137673675493563615376510","154874567145489419139936536507991507971","775736999329762798201962025691728876","261008516690107617858917258631411024745","204900380053066055172684615670779418218","16527821823975875119054510297901601105","83501202786031148843678530779404712621","36404066186519440948521221025196315000","243864204987234412307263594133241876378","211828990327216168155445043121253969066","12826869705639237243072121403411963875","28855955300388759977309778709873445688","2959922464114545273423590941176547067","96213699054829614773815427771090297671","84139131905669012648866762038087326715","291768709879910918899124547072988939759","188438189541419912238949103580761406399","103502045692292649369530847735059309519","127707979589294394962882181885259218863","290401828999704137673675493563615376510","154874567145489419139936536507991507971","775736999329762798201962025691728876","261008516690107617858917258631411024745","204900380053066055172684615670779418218","3762430641247452096390446789477784827","165181971454653506573157951428580826715","22008848490329486372555711872338420694","41886880343013585347507497007040952777","276599747322456655520718057924593882721","191387874484247955827744133595236488215","28855955300388759977309778709873445688","2959922464114545273423590941176547067","96213699054829614773815427771090297671","84139131905669012648866762038087326715","152497024198382757557013080226780693521"],"threshold":0.9},"deprecated":false,"target":{"file":"lib/ocpp/v16/charge_point_configuration.cpp"},"signature_type":"Line"},{"signature_version":"v1","source":"https://github.com/EVerest/libocpp/commit/1d2ce8db1b699f13fe73c17e71d2f25f7b68da32","id":"CVE-2025-59399-b368dfa0","digest":{"function_hash":"73994883227967532200767388055855200139","length":678},"deprecated":false,"target":{"file":"lib/ocpp/v16/charge_point_configuration.cpp","function":"ChargePointConfiguration::getTariffMessageWithDefaultPriceText"},"signature_type":"Function"},{"signature_version":"v1","source":"https://github.com/EVerest/libocpp/commit/1d2ce8db1b699f13fe73c17e71d2f25f7b68da32","id":"CVE-2025-59399-d2d0b2d4","digest":{"line_hashes":["52564940991756415897980097223455619289","145515638298982473505473414917668406220","8406383378988835671162413007551044860","64062881513990592024926614181612544547","150823740852389978746858348470066227140"],"threshold":0.9},"deprecated":false,"target":{"file":"include/ocpp/v16/charge_point_configuration.hpp"},"signature_type":"Line"},{"signature_version":"v1","source":"https://github.com/everest/libocpp/commit/0b84d7f9fb3c338d470770f220a7b7f21db78878","id":"CVE-2025-59399-d90f7805","digest":{"function_hash":"180844700051127089775644504739232904775","length":6113},"deprecated":false,"target":{"file":"lib/ocpp/v16/charge_point_impl.cpp","function":"ChargePointImpl::message_callback"},"signature_type":"Function"}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-59399.json","vanir_signatures_modified":"2026-04-12T18:47:04Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}]}