CVE-2025-48044 | ash up to 3.7.0 lib/ash/policy/policy.ex authorization (GHSA-pcxq-fjp3-r752)

Inserito da Angelo Barbosa | Ott 17, 2025 | CVE

A vulnerability categorized as critical has been discovered in ash up to 3.7.0. This affects an unknown part in the library lib/ash/policy/policy.ex. Executing manipulation can lead to incorrect authorization.

The identification of this vulnerability is CVE-2025-48044. The attack may be launched remotely. There is no exploit available.

It is advisable to upgrade the affected component.

CVE-2025-48044 | ash up to 3.7.0 lib/ash/policy/policy.ex authorization (GHSA-pcxq-fjp3-r752)

Post correlati

CVE-2024-33689 | Tony Zeoli & Tony Hayes Radio Station Plugin up to 2.5.7 on WordPress cross-site request forgery

CVE-2024-6813 | Netgear ProSAFE Network Management System getSortString sql injection

CVE-2024-6186 | Ruijie RG-UAC 1.0 commit.php ad_log_name os command injection

CVE-2024-33214 | Tenda FH1206 1.2.0.8(8155)_EN ip/goform/RouteStatic entrys stack-based overflow