{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T17:44:05.844","vulnerabilities":[{"cve":{"id":"CVE-2024-37310","sourceIdentifier":"security-advisories@github.com","published":"2024-07-10T20:15:03.790","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"EVerest is an EV charging software stack. An integer overflow in the \"v2g_incoming_v2gtp\" function in the v2g_server.cpp implementation can allow a remote attacker to overflow the process' heap. This vulnerability is fixed in 2024.3.1 and 2024.6.0."},{"lang":"es","value":"EVerest es una pila de software de carga de vehículos eléctricos. Un desbordamiento de enteros en la función \"v2g_incoming_v2gtp\" en la implementación v2g_server.cpp puede permitir que un atacante remoto desborde el montón del proceso. Esta vulnerabilidad se solucionó en 2024.3.1 y 2024.6.0."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":9.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":6.0}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"},{"lang":"en","value":"CWE-190"}]}],"references":[{"url":"https://github.com/EVerest/everest-core/commit/f73620c4c0f626e1097068a47e10cc27b369ad8e","source":"security-advisories@github.com"},{"url":"https://github.com/EVerest/everest-core/releases/tag/2024.3.1","source":"security-advisories@github.com"},{"url":"https://github.com/EVerest/everest-core/releases/tag/2024.6.0","source":"security-advisories@github.com"},{"url":"https://github.com/EVerest/everest-core/security/advisories/GHSA-8g9q-7qr9-vc96","source":"security-advisories@github.com"},{"url":"https://github.com/EVerest/everest-core/commit/f73620c4c0f626e1097068a47e10cc27b369ad8e","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/EVerest/everest-core/releases/tag/2024.3.1","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/EVerest/everest-core/releases/tag/2024.6.0","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/EVerest/everest-core/security/advisories/GHSA-8g9q-7qr9-vc96","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://plaxidityx.com/blog/automotive-cyber-security/ev-cyber-security-plaxidityx-discovers-critical-vulnerability-in-everest-open-source-ev-charging-firmware-stack-cve-2024-37310/","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}