An issue was discovered in Dalmann OCPP.Core before 1.2.0 for OCPP (Open Charge Point Protocol) for electric vehicles. It does not validate the length of the chargePointVendor field in a BootNotification message, potentially leading to server instability and a denial of service when processing excessively large inputs. NOTE: the vendors perspective is OCPP.Core is intended for use in a protected environment/network.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Open_charge_point_protocol | Dallmann-consulting | * | 1.2.0 (excluding) |