Known CVE vulnerabilities and GitHub Security Advisories affecting the Hex package ash, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (5)
CVE-2025-48043: Incorrect Authorization vulnerability in ash-project ash allows Authentication Bypass. This vulnerability is associated with program files…
CVE-2025-48044: Incorrect Authorization vulnerability in ash-project ash allows Authentication Bypass. This vulnerability is associated with program files…
CVE-2026-34593 — CVSS 7.5 (high): Ash Framework is a declarative, extensible framework for building Elixir applications. Prior to version 3.22.0, Ash.Type.Module.cast_input/2…
CVE-2025-48042: Incorrect Authorization vulnerability in ash-project ash allows Exploiting Incorrectly Configured Access Control Security Levels. This…
CVE-2026-55736: Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in ash-project ash allows a user to set the…