CVE-2025-48042
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-48042
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-48042.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-48042
- Aliases
- Published
- 2025-09-07T16:15:51Z
- Modified
- 2025-09-10T07:30:13.571596Z
- Summary
- [none]
- Details
-
Incorrect Authorization vulnerability in ash-project ash allows Exploiting Incorrectly Configured Access Control Security Levels. This vulnerability is associated with program files lib/ash/actions/create/bulk.ex, lib/ash/actions/destroy/bulk.ex, lib/ash/actions/update/bulk.ex and program routines 'Elixir.Ash.Actions.Create.Bulk':run/5, 'Elixir.Ash.Actions.Destroy.Bulk':run/6, 'Elixir.Ash.Actions.Update.Bulk:run'/6.
This issue affects ash: from pkg:hex/ash before pkg:hex/ash@3.5.39, before 3.5.39, before 5d1b6a5d00771fd468a509778637527b5218be9a.
- References
Affected packages
Git / github.com/ash-project/ash
Affected ranges
- Type
- GIT
- Repo
- https://github.com/ash-project/ash
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
3.*
3.0.3
3.4.56
v0.*
v0.1.1
v0.1.3
v0.1.4
v0.1.5
v0.1.6
v0.1.7
v0.1.9
v0.10.0
v0.11.0
v0.12.0
v0.13.0
v0.13.1
v0.2.0
v0.3.0
v0.4.0
v0.5.0
v0.5.1
v0.5.2
v0.6.0
v0.6.1
v0.6.2
v0.6.3
v0.6.4
v0.6.5
v0.7.0
v0.8.0
v0.9.0
v0.9.1
v1.*
v1.0.0
v1.0.1
v1.0.2
v1.0.3
v1.1.0
v1.1.1
v1.1.2
v1.1.3
v1.10.0
v1.11.0
v1.11.1
v1.12.0
v1.13.0
v1.13.1
v1.13.2
v1.13.3
v1.13.4
v1.14.0
v1.15.0
v1.15.1
v1.16.0
v1.16.1
v1.16.2
v1.17.0
v1.17.1
v1.18.0
v1.18.1
v1.19.0
v1.19.1
v1.2.0
v1.2.1
v1.20.0
v1.20.1
v1.22.0
v1.22.1
v1.23.0
v1.23.1
v1.23.2
v1.23.3
v1.24.0
v1.24.1
v1.24.2
v1.25.0
v1.25.1
v1.25.2
v1.25.3
v1.25.4
v1.25.5
v1.25.6
v1.25.7
v1.25.8
v1.26.0
v1.26.1
v1.26.10
v1.26.11
v1.26.12
v1.26.13
v1.26.2
v1.26.3
v1.26.4
v1.26.5
v1.26.6
v1.26.7
v1.26.8
v1.26.9
v1.27.0
v1.27.1
v1.28.0
v1.28.1
v1.29.0-rc0
v1.29.0-rc1
v1.3.0
v1.3.1
v1.30.0
v1.30.1
v1.30.2
v1.31.0
v1.31.1
v1.32.0
v1.32.1
v1.32.2
v1.33.0
v1.34.0
v1.34.1
v1.34.2
v1.34.3
v1.34.5
v1.34.6
v1.34.7
v1.34.8
v1.34.9
v1.35.0
v1.35.1
v1.36.0
v1.36.1
v1.36.10
v1.36.11
v1.36.12
v1.36.13
v1.36.14
v1.36.15
v1.36.16
v1.36.17
v1.36.18
v1.36.19
v1.36.2
v1.36.21
v1.36.22
v1.36.3
v1.36.4
v1.36.5
v1.36.6
v1.36.7
v1.36.8
v1.36.9
v1.37.0
v1.37.2
v1.39.0
v1.39.1
v1.39.2
v1.39.3
v1.39.4
v1.39.5
v1.39.6
v1.39.7
v1.4.0
v1.4.1
v1.41.0
v1.41.1
v1.41.10
v1.41.11
v1.41.12
v1.41.2
v1.41.3
v1.41.4
v1.41.5
v1.41.6
v1.41.7
v1.41.8
v1.41.9
v1.42.0
v1.43.0
v1.43.1
v1.43.10
v1.43.11
v1.43.12
v1.43.2
v1.43.3
v1.43.4
v1.43.5
v1.43.6
v1.43.7
v1.43.8
v1.43.9
v1.44.0
v1.44.1
v1.44.10
v1.44.11
v1.44.12
v1.44.13
v1.44.2
v1.44.3
v1.44.4
v1.44.5
v1.44.6
v1.44.7
v1.44.8
v1.44.9
v1.45.0-rc0
v1.45.0-rc1
v1.45.0-rc10
v1.45.0-rc11
v1.45.0-rc12
v1.45.0-rc13
v1.45.0-rc14
v1.45.0-rc15
v1.45.0-rc16
v1.45.0-rc17
v1.45.0-rc18
v1.45.0-rc19
v1.45.0-rc2
v1.45.0-rc20
v1.45.0-rc3
v1.45.0-rc4
v1.45.0-rc5
v1.45.0-rc6
v1.45.0-rc7
v1.45.0-rc8
v1.45.0-rc9
v1.46.0
v1.46.1
v1.46.10
v1.46.11
v1.46.12
v1.46.13
v1.46.2
v1.46.3
v1.46.4
v1.46.5
v1.46.6
v1.46.7
v1.46.8
v1.46.9
v1.47.0
v1.47.1
v1.47.10
v1.47.11
v1.47.12
v1.47.2
v1.47.3
v1.47.4
v1.47.5
v1.47.6
v1.47.7
v1.47.8
v1.47.9
v1.48.0-rc.0
v1.48.0-rc.1
v1.48.0-rc.10
v1.48.0-rc.11
v1.48.0-rc.12
v1.48.0-rc.13
v1.48.0-rc.14
v1.48.0-rc.15
v1.48.0-rc.16
v1.48.0-rc.17
v1.48.0-rc.18
v1.48.0-rc.19
v1.48.0-rc.2
v1.48.0-rc.20
v1.48.0-rc.21
v1.48.0-rc.22
v1.48.0-rc.23
v1.48.0-rc.24
v1.48.0-rc.25
v1.48.0-rc.26
v1.48.0-rc.27
v1.48.0-rc.28
v1.48.0-rc.29
v1.48.0-rc.3
v1.48.0-rc.30
v1.48.0-rc.4
v1.48.0-rc.5
v1.48.0-rc.6
v1.48.0-rc.8
v1.48.0-rc.9
v1.49.0
v1.5.0
v1.5.1
v1.50.0
v1.50.1
v1.50.10
v1.50.11
v1.50.12
v1.50.13
v1.50.14
v1.50.15
v1.50.16
v1.50.17
v1.50.18
v1.50.19
v1.50.2
v1.50.20
v1.50.21
v1.50.3
v1.50.4
v1.50.5
v1.50.6
v1.50.7
v1.50.8
v1.50.9
v1.51.0
v1.51.1
v1.51.2
v1.52.0-rc.0
v1.52.0-rc.1
v1.52.0-rc.10
v1.52.0-rc.11
v1.52.0-rc.12
v1.52.0-rc.13
v1.52.0-rc.14
v1.52.0-rc.15
v1.52.0-rc.16
v1.52.0-rc.17
v1.52.0-rc.18
v1.52.0-rc.19
v1.52.0-rc.2
v1.52.0-rc.20
v1.52.0-rc.21
v1.52.0-rc.22
v1.52.0-rc.3
v1.52.0-rc.4
v1.52.0-rc.5
v1.52.0-rc.6
v1.52.0-rc.7
v1.52.0-rc.8
v1.52.0-rc.9
v1.53.0
v1.53.1
v1.53.2
v1.53.3
v1.6.0
v1.6.1
v1.6.2
v1.6.3
v1.6.4
v1.6.5
v1.6.6
v1.6.7
v1.6.8
v1.7.0
v1.8.0
v1.9.0
v2.*
v2.0.0
v2.0.0-rc.0
v2.0.0-rc.1
v2.0.0-rc.10
v2.0.0-rc.11
v2.0.0-rc.12
v2.0.0-rc.13
v2.0.0-rc.14
v2.0.0-rc.15
v2.0.0-rc.2
v2.0.0-rc.3
v2.0.0-rc.4
v2.0.0-rc.5
v2.0.0-rc.6
v2.0.0-rc.7
v2.0.0-rc.8
v2.0.0-rc.9
v2.1.0
v2.10.0
v2.10.1
v2.10.2
v2.11.0
v2.11.0-rc.0
v2.11.0-rc.1
v2.11.0-rc.2
v2.11.0-rc.3
v2.11.1
v2.11.10
v2.11.11
v2.11.2
v2.11.3
v2.11.4
v2.11.5
v2.11.6
v2.11.7
v2.11.8
v2.11.9
v2.12.0
v2.12.1
v2.13.0
v2.13.1
v2.13.2
v2.13.3
v2.13.4
v2.14.0
v2.14.1
v2.14.10
v2.14.11
v2.14.12
v2.14.13
v2.14.14
v2.14.15
v2.14.16
v2.14.17
v2.14.18
v2.14.19
v2.14.2
v2.14.20
v2.14.21
v2.14.3
v2.14.4
v2.14.5
v2.14.6
v2.14.7
v2.14.8
v2.14.9
v2.15.0
v2.15.1
v2.15.10
v2.15.11
v2.15.12
v2.15.13
v2.15.14
v2.15.15
v2.15.16
v2.15.17
v2.15.18
v2.15.19
v2.15.2
v2.15.20
v2.15.3
v2.15.4
v2.15.5
v2.15.6
v2.15.7
v2.15.8
v2.15.9
v2.16.0
v2.16.1
v2.17.0
v2.17.1
v2.17.10
v2.17.11
v2.17.12
v2.17.13
v2.17.14
v2.17.15
v2.17.16
v2.17.17
v2.17.18
v2.17.19
v2.17.2
v2.17.20
v2.17.21
v2.17.22
v2.17.23
v2.17.24
v2.17.3
v2.17.4
v2.17.5
v2.17.6
v2.17.7
v2.17.8
v2.17.9
v2.18.0
v2.18.1
v2.18.2
v2.19.0
v2.19.1
v2.19.10
v2.19.11
v2.19.12
v2.19.13
v2.19.14
v2.19.2
v2.19.3
v2.19.4
v2.19.5
v2.19.6
v2.19.7
v2.19.8
v2.19.9
v2.2.0
v2.20.0
v2.20.1
v2.20.2
v2.20.3
v2.21.0
v2.21.1
v2.21.2
v2.3.0
v2.4.0
v2.4.1
v2.4.10
v2.4.11
v2.4.12
v2.4.13
v2.4.14
v2.4.15
v2.4.16
v2.4.17
v2.4.18
v2.4.19
v2.4.2
v2.4.20
v2.4.21
v2.4.22
v2.4.23
v2.4.24
v2.4.25
v2.4.26
v2.4.27
v2.4.28
v2.4.29
v2.4.3
v2.4.30
v2.4.4
v2.4.5
v2.4.6
v2.4.7
v2.4.8
v2.4.9
v2.5.0
v2.5.0-rc.0
v2.5.0-rc.1
v2.5.0-rc.2
v2.5.0-rc.3
v2.5.0-rc.4
v2.5.0-rc.5
v2.5.0-rc.6
v2.5.1
v2.5.10
v2.5.11
v2.5.12
v2.5.13
v2.5.14
v2.5.15
v2.5.16
v2.5.2
v2.5.4
v2.5.6
v2.5.7
v2.5.8
v2.5.9
v2.6.0
v2.6.1
v2.6.10
v2.6.11
v2.6.12
v2.6.13
v2.6.14
v2.6.15
v2.6.16
v2.6.17
v2.6.18
v2.6.19
v2.6.2
v2.6.20
v2.6.21
v2.6.22
v2.6.23
v2.6.24
v2.6.25
v2.6.26
v2.6.27
v2.6.29
v2.6.3
v2.6.30
v2.6.31
v2.6.4
v2.6.5
v2.6.6
v2.6.7
v2.6.8
v2.6.9
v2.7.0
v2.7.1
v2.8.0
v2.8.1
v2.9.0
v2.9.1
v2.9.10
v2.9.11
v2.9.12
v2.9.13
v2.9.14
v2.9.15
v2.9.16
v2.9.17
v2.9.18
v2.9.19
v2.9.2
v2.9.20
v2.9.21
v2.9.22
v2.9.23
v2.9.24
v2.9.25
v2.9.26
v2.9.27
v2.9.28
v2.9.29
v2.9.3
v2.9.4
v2.9.5
v2.9.6
v2.9.7
v2.9.8
v2.9.9
v3.*
v3.0.0-rc.0
v3.0.0-rc.1
v3.0.0-rc.10
v3.0.0-rc.11
v3.0.0-rc.12
v3.0.0-rc.13
v3.0.0-rc.14
v3.0.0-rc.15
v3.0.0-rc.16
v3.0.0-rc.17
v3.0.0-rc.18
v3.0.0-rc.19
v3.0.0-rc.2
v3.0.0-rc.20
v3.0.0-rc.21
v3.0.0-rc.22
v3.0.0-rc.23
v3.0.0-rc.24
v3.0.0-rc.25
v3.0.0-rc.26
v3.0.0-rc.27
v3.0.0-rc.29
v3.0.0-rc.3
v3.0.0-rc.30
v3.0.0-rc.31
v3.0.0-rc.32
v3.0.0-rc.33
v3.0.0-rc.34
v3.0.0-rc.35
v3.0.0-rc.36
v3.0.0-rc.37
v3.0.0-rc.38
v3.0.0-rc.4
v3.0.0-rc.40
v3.0.0-rc.41
v3.0.0-rc.42
v3.0.0-rc.43
v3.0.0-rc.44
v3.0.0-rc.45
v3.0.0-rc.46
v3.0.0-rc.5
v3.0.0-rc.6
v3.0.0-rc.7
v3.0.0-rc.8
v3.0.0-rc.9
v3.0.1
v3.0.10
v3.0.11
v3.0.12
v3.0.13
v3.0.14
v3.0.15
v3.0.16
v3.0.2
v3.0.3
v3.0.4
v3.0.5
v3.0.6
v3.0.7
v3.0.8
v3.0.9
v3.1.1
v3.1.5
v3.1.6
v3.1.7
v3.1.8
v3.2.1
v3.2.2
v3.2.3
v3.2.4
v3.2.5
v3.2.6
v3.3.0
v3.3.1
v3.3.2
v3.3.3
v3.4.1
v3.4.10
v3.4.11
v3.4.12
v3.4.13
v3.4.14
v3.4.15
v3.4.16
v3.4.17
v3.4.18
v3.4.19
v3.4.2
v3.4.20
v3.4.21
v3.4.23
v3.4.24
v3.4.25
v3.4.26
v3.4.27
v3.4.28
v3.4.29
v3.4.3
v3.4.30
v3.4.31
v3.4.32
v3.4.33
v3.4.34
v3.4.35
v3.4.36
v3.4.37
v3.4.38
v3.4.39
v3.4.4
v3.4.40
v3.4.41
v3.4.42
v3.4.43
v3.4.44
v3.4.45
v3.4.46
v3.4.47
v3.4.48
v3.4.5
v3.4.50
v3.4.51
v3.4.53
v3.4.54
v3.4.55
v3.4.56
v3.4.57
v3.4.58
v3.4.59
v3.4.6
v3.4.61
v3.4.62
v3.4.63
v3.4.64
v3.4.65
v3.4.66
v3.4.67
v3.4.68
v3.4.69
v3.4.7
v3.4.70
v3.4.71
v3.4.72
v3.4.73
v3.4.8
v3.4.9
v3.5.1
v3.5.10
v3.5.11
v3.5.12
v3.5.13
v3.5.14
v3.5.15
v3.5.16
v3.5.17
v3.5.18
v3.5.19
v3.5.2
v3.5.21
v3.5.22
v3.5.23
v3.5.24
v3.5.25
v3.5.26
v3.5.27
v3.5.28
v3.5.29
v3.5.3
v3.5.30
v3.5.31
v3.5.32
v3.5.33
v3.5.35
v3.5.36
v3.5.37
v3.5.38
v3.5.4
v3.5.5
v3.5.6
v3.5.7
v3.5.8