moonlight-stream MOONLIGHT Embedded 2.6.0
Approved changes feed: RSS · Atom
cpe:2.3:a:moonlight-stream:moonlight_embedded:2.6.0:*:*:*:*:*:*:*
part: a version: 2.6.0 update: *
| Vendor | Moonlight Stream (cf05c400-e3d3-5102-859f-80ab9a6145af) |
|---|---|
| Product | Moonlight Embedded (751e9330-79b2-5dd8-aa0d-db7beed2e839) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/moonlight-stream/moonlight-embedded |
purl2cpe | 2026-06-01 10:14:43.668074 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-42800 |
vulnerable | 2026-06-08 06:11:09.510342 |
Buffer overflow due to use of `strcpy` in `performRtspHandshake`
HIGH (8.8)
Moonlight-common-c contains the core GameStream client code shared between Moonlight clients. Moonlight-common-c is vulnerable to buffer overflow starting in commit 50c0a51b10ecc5b3415ea78c21d96d679e2288f9 due to unmitigated usage of unsafe C functions and improper bounds checking. A malicious game streaming server could exploit a buffer overflow vulnerability to crash a moonlight client, or achieve remote code execution (RCE) on the client (with insufficient exploit mitigations or if mitigations can be bypassed). The bug was addressed in commit 24750d4b748fefa03d09fcfd6d45056faca354e0.
Published: 2023-12-14T16:57:44.846Z
Updated: 2024-11-27T15:50:13.246Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-42799 |
vulnerable | 2026-06-08 06:11:09.505613 |
Buffer overflow due to use of `strcpy` in `parseUrlAddrFromRtspUrlString`
HIGH (8.8)
Moonlight-common-c contains the core GameStream client code shared between Moonlight clients. Moonlight-common-c is vulnerable to buffer overflow starting in commit 50c0a51b10ecc5b3415ea78c21d96d679e2288f9 due to unmitigated usage of unsafe C functions and improper bounds checking. A malicious game streaming server could exploit a buffer overflow vulnerability to crash a moonlight client, or achieve remote code execution (RCE) on the client (with insufficient exploit mitigations or if mitigations can be bypassed). The bug was addressed in commit 02b7742f4d19631024bd766bd2bb76715780004e.
Published: 2023-12-14T16:47:00.932Z
Updated: 2024-10-08T14:20:49.115Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.