CNNVD-202509-1017 Information

CNNVD ID

CNNVD-202509-1017

Related CVE

CVE-2025-48042

• CNNVD Published: 2025-09-07

Description (Chinese)

Ash Framework是Ash Framework开源的一个用于构建Elixir应用程序的框架。 Ash Framework 3.5.39之前版本存在安全漏洞，该漏洞源于授权不当，可能导致访问控制绕过。

Description (English)

Ash Framework is an open-source framework for the construction of Elixir applications. There was a security loophole in the previous version of Ash Framework 3.5.39, which stemmed from inappropriate authorization and could lead to access controls circumventing.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Ash Framework

Published

2025-09-07

Last Modified

2026-02-24

References

https://github.com/ash-project/ash/commit/5d1b6a5d00771fd468a509778637527b5218be9a https://github.com/ash-project/ash/security/advisories/GHSA-jj4j-x5ww-cwh9 https://access.redhat.com/security/cve/cve-2025-48042

Patch

https://github.com/ash-project/ash/releases