In Moonlight iOS/tvOS before 4.0.1, the pairing process is vulnerable to a man-in-the-middle attack. The bug has been fixed in Moonlight v4.0.1 for iOS and tvOS.
{
"unresolved_ranges": [
{
"extracted_events": [
{
"fixed": "4.0.1"
},
{
"fixed": "4.0.1"
}
],
"source": "CPE_RANGE",
"vendor_product": "moonlight-stream:moonlight",
"cpes": [
"cpe:2.3:a:moonlight-stream:moonlight:*:*:*:*:*:iphone_os:*:*",
"cpe:2.3:a:moonlight-stream:moonlight:*:*:*:*:*:tvos:*:*"
]
},
{
"source": "DESCRIPTION",
"extracted_events": [
{
"fixed": "4.0.1"
}
]
}
]
}