pkg:Hex/ash

4 total CVEsHIGH1MEDIUM1

✅ Check your installed version

All known vulnerabilities

  • HIGH8.1CVE-2025-48044Ash has authorization bypass when bypass policy condition evaluates to true
    >= 3.6.3, < 3.7.1
  • MEDIUM5.6CVE-2025-48042Before action, Ash's hooks may execute in certain scenarios despite a request being forbidden
    from 0, < 3.5.39
  • CVE-2026-34593Ash.Type.Module.cast_input/2 atom exhaustion via unchecked Module.concat allows BEAM VM crash
    from 0, < 3.22.0
  • CVE-2025-48043Ash Framework: Filter authorization misapplies impossible bypass/runtime policies
    from 0, < 3.6.2