Yevgenypats

**Name of the Vulnerable Software and Affected Versions** Mongoose version 6.15 **Description** The issue is related to a heap-based buffer over-read in the `mq parse http` function in `mongoose.c`. **Recommendations** For Mongoose version 6.15, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Exiv2 versions through 0.27.2 **Description** The issue is related to an out-of-bounds read in the mrwimage.cpp component of the Exiv2 library, which manages media file metadata. This could allow a remote attacker to cause a denial of service. **Recommendations** For Exiv2 versions through 0.27.2, update to a version that contains a fix for this issue to prevent potential exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.