2 matches found
CVE-2018-3778
Affected software: aedes (MQTT broker) prior to version 0.35.1. Root cause: improper authorization allows publishing a Last Will (LWT) in a channel when a client is not authorized. Impact: potential unauthorized LWT publication in a channel; explicit exploitation details are not provided in the d...
CVE-2020-13410
The CVE-2020-13410 issue affects MoscaJS Aedes 0.42.0, where lib/write.js does not properly handle exceptions when writing an invalid packet to a stream. This detail appears consistently across multiple sources (Red Hat advisory, CVE records, and OSV/GHSA entries). The underlying cause is an impr...