The OCPP implementation in libocpp before 0.26.2 allows a denial of service (EVerest crash) via JSON input larger than 255 characters, because a CiString<255> object is created with StringTooLarge set to Throw.
Exploitability
AV:AAC:HPR:NUI:NScope
S:UImpact
C:NI:NA:L3.1/CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:LOther