Vulnerabilidades em ash-project
6 resultadosCVE-2025-48044HIGHAuthorization bypass when bypass policy condition evaluates to trueEPSS 0.8%CVE-2024-49756MEDIUMAshPostgres empty, atomic, non-bulk actions, policy bypass for side-effects vulnerability.EPSS 0.5%CVE-2025-48043HIGHBypass and runtime policies that can never pass may be incorrectly applied in filter authorizationEPSS 0.5%CVE-2026-34593HIGHAsh Framework: Ash.Type.Module.cast_input/2 atom exhaustion via unchecked Module.concat allows BEAM VM crashEPSS 0.4%CVE-2025-4754LOWMissing Session Revocation on Logout in ash_authentication_phoenixEPSS 0.4%CVE-2025-48042HIGHBefore action hooks may execute in certain scenarios despite a request being forbiddenEPSS 0.3%