GCVE - cpe:2.3:a:valvesoftware:game_networking

Approved changes feed: RSS · Atom

cpe:2.3:a:valvesoftware:game_networking_sockets:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Valvesoftware (`1f899491-a623-563d-8b9f-d478abb59c2f`)
Product	Game Networking Sockets (`8fa44a46-6a69-53a0-b5e8-64cc49870446`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:github/valvesoftware/gamenetworkingsockets`	purl2cpe	2026-06-01 10:16:18.261210
`pkg:rpm/opensuse/gamenetworkingsockets`	purl2cpe	2026-06-01 10:16:18.261212
`pkg:sourceforge/gamenetworkingsockets.mirror`	purl2cpe	2026-06-01 10:16:18.261215

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2020-6019`	vulnerable	2026-06-08 05:26:44.452620	Details available Valve's Game Networking Sockets prior to version v1.2.0 improperly handles inlined statistics messages in function CConnectionTransportUDPBase::Received_Data(), leading to an exception thrown from libprotobuf and resulting in a crash. Published: 2020-11-13T15:03:31.000Z Updated: 2024-08-04T08:47:41.004Z Open on db.gcve.eu Reference links https://github.com/ValveSoftware/GameNetworkingSockets/commit/d944a10808891d202bb1d5e1998de6e0423af678 https://research.checkpoint.com/2020/game-on-finding-vulnerabilities-in-valves-steam-sockets/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-6018`	vulnerable	2026-06-08 05:26:44.452219	Details available Valve's Game Networking Sockets prior to version v1.2.0 improperly handles long encrypted messages in function AES_GCM_DecryptContext::Decrypt() when compiled using libsodium, leading to a Stack-Based Buffer Overflow and resulting in a memory corruption and possibly even a remote code execution. Published: 2020-12-02T01:01:38.000Z Updated: 2024-08-04T08:47:40.942Z Open on db.gcve.eu Reference links https://github.com/ValveSoftware/GameNetworkingSockets/commit/bea84e2844b647532a9b7fbc3a6a8989d66e49e3 https://research.checkpoint.com/2020/game-on-finding-vulnerabilities-in-valves-steam-sockets/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-6017`	vulnerable	2026-06-08 05:26:44.451777	Details available Valve's Game Networking Sockets prior to version v1.2.0 improperly handles long unreliable segments in function SNP_ReceiveUnreliableSegment() when configured to support plain-text messages, leading to a Heap-Based Buffer Overflow and resulting in a memory corruption and possibly even a remote code execution. Published: 2020-12-03T13:34:00.000Z Updated: 2024-08-04T08:47:40.930Z Open on db.gcve.eu Reference links https://github.com/ValveSoftware/GameNetworkingSockets/commit/e0c86dcb9139771db3db0cfdb1fb8bef0af19c43 https://research.checkpoint.com/2020/game-on-finding-vulnerabilities-in-valves-steam-sockets/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-6016`	vulnerable	2026-06-08 05:26:44.451024	Details available Valve's Game Networking Sockets prior to version v1.2.0 improperly handles unreliable segments with negative offsets in function SNP_ReceiveUnreliableSegment(), leading to a Heap-Based Buffer Underflow and a free() of memory not from the heap, resulting in a memory corruption and probably even a remote code execution. Published: 2020-11-18T14:11:49.000Z Updated: 2024-08-04T08:47:41.048Z Open on db.gcve.eu Reference links https://github.com/ValveSoftware/GameNetworkingSockets/commit/e0c86dcb9139771db3db0cfdb1fb8bef0af19c43 https://research.checkpoint.com/2020/game-on-finding-vulnerabilities-in-valves-steam-sockets/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Game Networking Sockets

PURL mappings

Vulnerability references

Contribute