Mrdeep1

#19128 of 53,624
Total CVSS: 14
Vulnerabilities · 2
Medium: 1
High: 1

PT-2023-22653
7.5
2023-06-23
Libcoap · Libcoap · CVE-2023-30362
**Name of the Vulnerable Software and Affected Versions**
libcoap library versions 4.3.1-103-g52cfd56 through 4.3.1-119

**Description**
The issue is a buffer overflow vulnerability in the `coap_send` function. It allows attackers to obtain sensitive information via a malformed PDU.

**Recommendations**
For libcoap library versions 4.3.1-103-g52cfd56 through 4.3.1-119, update to version 4.3.1-120-ge242200 to resolve the issue. As a temporary workaround, consider restricting the use of the `coap_send` function until a patch is available.

PT-2023-25351
6.5
2023-06-19
Libcoap · Libcoap · CVE-2023-35862
**Name of the Vulnerable Software and Affected Versions**
libcoap version 4.3.1

**Description**
The issue is a buffer over-read in the `coap_parse_oscore_conf_mem` function located in `coap_oscore.c`. This function is part of the libcoap library.

**Recommendations**
For libcoap version 4.3.1, consider disabling the `coap_parse_oscore_conf_mem` function as a temporary workaround until a patch is available.