moonlight-stream MOONLIGHT 0.10.22 for Chrome
Approved changes feed: RSS · Atom
cpe:2.3:a:moonlight-stream:moonlight:0.10.22:*:*:*:*:chrome:*:*
part: a version: 0.10.22 update: *
| Vendor | Moonlight Stream (cf05c400-e3d3-5102-859f-80ab9a6145af) |
|---|---|
| Product | Moonlight (413fc5ee-bec2-5f75-960f-c53789a8cdbe) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | chrome |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/moonlight-stream/moonlight-ios |
purl2cpe | 2026-06-01 10:14:43.645900 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-42800 |
vulnerable | 2026-06-08 06:11:09.510204 |
Buffer overflow due to use of `strcpy` in `performRtspHandshake`
HIGH (8.8)
Moonlight-common-c contains the core GameStream client code shared between Moonlight clients. Moonlight-common-c is vulnerable to buffer overflow starting in commit 50c0a51b10ecc5b3415ea78c21d96d679e2288f9 due to unmitigated usage of unsafe C functions and improper bounds checking. A malicious game streaming server could exploit a buffer overflow vulnerability to crash a moonlight client, or achieve remote code execution (RCE) on the client (with insufficient exploit mitigations or if mitigations can be bypassed). The bug was addressed in commit 24750d4b748fefa03d09fcfd6d45056faca354e0.
Published: 2023-12-14T16:57:44.846Z
Updated: 2024-11-27T15:50:13.246Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-42799 |
vulnerable | 2026-06-08 06:11:09.504721 |
Buffer overflow due to use of `strcpy` in `parseUrlAddrFromRtspUrlString`
HIGH (8.8)
Moonlight-common-c contains the core GameStream client code shared between Moonlight clients. Moonlight-common-c is vulnerable to buffer overflow starting in commit 50c0a51b10ecc5b3415ea78c21d96d679e2288f9 due to unmitigated usage of unsafe C functions and improper bounds checking. A malicious game streaming server could exploit a buffer overflow vulnerability to crash a moonlight client, or achieve remote code execution (RCE) on the client (with insufficient exploit mitigations or if mitigations can be bypassed). The bug was addressed in commit 02b7742f4d19631024bd766bd2bb76715780004e.
Published: 2023-12-14T16:47:00.932Z
Updated: 2024-10-08T14:20:49.115Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.