Medium severity5.3NVD Advisory· Published Aug 8, 2018· Updated Jun 17, 2026
CVE-2018-3778
CVE-2018-3778
Description
Improper authorization in aedes version <0.35.0 will publish a LWT in a channel when a client is not authorized.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
aedesnpm | < 0.35.1 | 0.35.1 |
Affected products
2- HackerOne/aedesv5Range: >=0.35.1
Patches
Vulnerability mechanics
References
8- github.com/mcollina/aedes/issues/211nvdIssue TrackingPatchThird Party Advisory
- github.com/advisories/GHSA-4cmx-hrq9-c23pghsaADVISORY
- github.com/mcollina/aedes/issues/212nvdIssue TrackingThird Party Advisory
- github.com/nodejs/security-wg/blob/master/vuln/npm/457.jsonnvdThird Party AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2018-3778ghsaADVISORY
- github.com/moscajs/aedes/commit/ffbc1702bb24b596afbb96407cc6db234a4044a8ghsaWEB
- github.com/moscajs/aedes/issues/211ghsaWEB
- github.com/moscajs/aedes/issues/212ghsaWEB
News mentions
0No linked articles in our index yet.