CVE-2025-48043

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-48043

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-48043.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-48043

Aliases

Published

2025-10-10T16:15:52.083Z

Modified

2026-02-14T07:58:42.359286Z

Severity

8.6 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVSS Calculator

Summary

[none]

Details

Incorrect Authorization vulnerability in ash-project ash allows Authentication Bypass. This vulnerability is associated with program files lib/ash/policy/authorizer/authorizer.ex and program routines 'Elixir.Ash.Policy.Authorizer':strict_filters/2.

This issue affects ash: from pkg:hex/ash@0 before pkg:hex/ash@3.6.2, before 3.6.2, before 66d81300065b970da0d2f4528354835d2418c7ae.

References

Affected packages

Git / github.com/ash-project/ash

Affected ranges

Type: GIT
Repo: https://github.com/ash-project/ash
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

35c098cc3ab33bfbd8e752845b0a9c6adcb7e600

Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

66d81300065b970da0d2f4528354835d2418c7ae

Affected versions

3.*

3.0.3

3.4.56

v0.*

v0.1.1

v0.1.3

v0.1.4

v0.1.5

v0.1.6

v0.1.7

v0.1.9

v0.10.0

v0.11.0

v0.12.0

v0.13.0

v0.13.1

v0.2.0

v0.3.0

v0.4.0

v0.5.0

v0.5.1

v0.5.2

v0.6.0

v0.6.1

v0.6.2

v0.6.3

v0.6.4

v0.6.5

v0.7.0

v0.8.0

v0.9.0

v0.9.1

v1.*

v1.0.0

v1.0.1

v1.0.2

v1.0.3

v1.1.0

v1.1.1

v1.1.2

v1.1.3

v1.10.0

v1.11.0

v1.11.1

v1.12.0

v1.13.0

v1.13.1

v1.13.2

v1.13.3

v1.13.4

v1.14.0

v1.15.0

v1.15.1

v1.16.0

v1.16.1

v1.16.2

v1.17.0

v1.17.1

v1.18.0

v1.18.1

v1.19.0

v1.19.1

v1.2.0

v1.2.1

v1.20.0

v1.20.1

v1.22.0

v1.22.1

v1.23.0

v1.23.1

v1.23.2

v1.23.3

v1.24.0

v1.24.1

v1.24.2

v1.25.0

v1.25.1

v1.25.2

v1.25.3

v1.25.4

v1.25.5

v1.25.6

v1.25.7

v1.25.8

v1.26.0

v1.26.1

v1.26.10

v1.26.11

v1.26.12

v1.26.13

v1.26.2

v1.26.3

v1.26.4

v1.26.5

v1.26.6

v1.26.7

v1.26.8

v1.26.9

v1.27.0

v1.27.1

v1.28.0

v1.28.1

v1.29.0-rc0

v1.29.0-rc1

v1.3.0

v1.3.1

v1.30.0

v1.30.1

v1.30.2

v1.31.0

v1.31.1

v1.32.0

v1.32.1

v1.32.2

v1.33.0

v1.34.0

v1.34.1

v1.34.2

v1.34.3

v1.34.5

v1.34.6

v1.34.7

v1.34.8

v1.34.9

v1.35.0

v1.35.1

v1.36.0

v1.36.1

v1.36.10

v1.36.11

v1.36.12

v1.36.13

v1.36.14

v1.36.15

v1.36.16

v1.36.17

v1.36.18

v1.36.19

v1.36.2

v1.36.21

v1.36.22

v1.36.3

v1.36.4

v1.36.5

v1.36.6

v1.36.7

v1.36.8

v1.36.9

v1.37.0

v1.37.2

v1.39.0

v1.39.1

v1.39.2

v1.39.3

v1.39.4

v1.39.5

v1.39.6

v1.39.7

v1.4.0

v1.4.1

v1.41.0

v1.41.1

v1.41.10

v1.41.11

v1.41.12

v1.41.2

v1.41.3

v1.41.4

v1.41.5

v1.41.6

v1.41.7

v1.41.8

v1.41.9

v1.42.0

v1.43.0

v1.43.1

v1.43.10

v1.43.11

v1.43.12

v1.43.2

v1.43.3

v1.43.4

v1.43.5

v1.43.6

v1.43.7

v1.43.8

v1.43.9

v1.44.0

v1.44.1

v1.44.10

v1.44.11

v1.44.12

v1.44.13

v1.44.2

v1.44.3

v1.44.4

v1.44.5

v1.44.6

v1.44.7

v1.44.8

v1.44.9

v1.45.0-rc0

v1.45.0-rc1

v1.45.0-rc10

v1.45.0-rc11

v1.45.0-rc12

v1.45.0-rc13

v1.45.0-rc14

v1.45.0-rc15

v1.45.0-rc16

v1.45.0-rc17

v1.45.0-rc18

v1.45.0-rc19

v1.45.0-rc2

v1.45.0-rc20

v1.45.0-rc3

v1.45.0-rc4

v1.45.0-rc5

v1.45.0-rc6

v1.45.0-rc7

v1.45.0-rc8

v1.45.0-rc9

v1.46.0

v1.46.1

v1.46.10

v1.46.11

v1.46.12

v1.46.13

v1.46.2

v1.46.3

v1.46.4

v1.46.5

v1.46.6

v1.46.7

v1.46.8

v1.46.9

v1.47.0

v1.47.1

v1.47.10

v1.47.11

v1.47.12

v1.47.2

v1.47.3

v1.47.4

v1.47.5

v1.47.6

v1.47.7

v1.47.8

v1.47.9

v1.48.0-rc.0

v1.48.0-rc.1

v1.48.0-rc.10

v1.48.0-rc.11

v1.48.0-rc.12

v1.48.0-rc.13

v1.48.0-rc.14

v1.48.0-rc.15

v1.48.0-rc.16

v1.48.0-rc.17

v1.48.0-rc.18

v1.48.0-rc.19

v1.48.0-rc.2

v1.48.0-rc.20

v1.48.0-rc.21

v1.48.0-rc.22

v1.48.0-rc.23

v1.48.0-rc.24

v1.48.0-rc.25

v1.48.0-rc.26

v1.48.0-rc.27

v1.48.0-rc.28

v1.48.0-rc.29

v1.48.0-rc.3

v1.48.0-rc.30

v1.48.0-rc.4

v1.48.0-rc.5

v1.48.0-rc.6

v1.48.0-rc.8

v1.48.0-rc.9

v1.49.0

v1.5.0

v1.5.1

v1.50.0

v1.50.1

v1.50.10

v1.50.11

v1.50.12

v1.50.13

v1.50.14

v1.50.15

v1.50.16

v1.50.17

v1.50.18

v1.50.19

v1.50.2

v1.50.20

v1.50.21

v1.50.3

v1.50.4

v1.50.5

v1.50.6

v1.50.7

v1.50.8

v1.50.9

v1.51.0

v1.51.1

v1.51.2

v1.52.0-rc.0

v1.52.0-rc.1

v1.52.0-rc.10

v1.52.0-rc.11

v1.52.0-rc.12

v1.52.0-rc.13

v1.52.0-rc.14

v1.52.0-rc.15

v1.52.0-rc.16

v1.52.0-rc.17

v1.52.0-rc.18

v1.52.0-rc.19

v1.52.0-rc.2

v1.52.0-rc.20

v1.52.0-rc.21

v1.52.0-rc.22

v1.52.0-rc.3

v1.52.0-rc.4

v1.52.0-rc.5

v1.52.0-rc.6

v1.52.0-rc.7

v1.52.0-rc.8

v1.52.0-rc.9

v1.53.0

v1.53.1

v1.53.2

v1.53.3

v1.6.0

v1.6.1

v1.6.2

v1.6.3

v1.6.4

v1.6.5

v1.6.6

v1.6.7

v1.6.8

v1.7.0

v1.8.0

v1.9.0

v2.*

v2.0.0

v2.0.0-rc.0

v2.0.0-rc.1

v2.0.0-rc.10

v2.0.0-rc.11

v2.0.0-rc.12

v2.0.0-rc.13

v2.0.0-rc.14

v2.0.0-rc.15

v2.0.0-rc.2

v2.0.0-rc.3

v2.0.0-rc.4

v2.0.0-rc.5

v2.0.0-rc.6

v2.0.0-rc.7

v2.0.0-rc.8

v2.0.0-rc.9

v2.1.0

v2.10.0

v2.10.1

v2.10.2

v2.11.0

v2.11.0-rc.0

v2.11.0-rc.1

v2.11.0-rc.2

v2.11.0-rc.3

v2.11.1

v2.11.10

v2.11.11

v2.11.2

v2.11.3

v2.11.4

v2.11.5

v2.11.6

v2.11.7

v2.11.8

v2.11.9

v2.12.0

v2.12.1

v2.13.0

v2.13.1

v2.13.2

v2.13.3

v2.13.4

v2.14.0

v2.14.1

v2.14.10

v2.14.11

v2.14.12

v2.14.13

v2.14.14

v2.14.15

v2.14.16

v2.14.17

v2.14.18

v2.14.19

v2.14.2

v2.14.20

v2.14.21

v2.14.3

v2.14.4

v2.14.5

v2.14.6

v2.14.7

v2.14.8

v2.14.9

v2.15.0

v2.15.1

v2.15.10

v2.15.11

v2.15.12

v2.15.13

v2.15.14

v2.15.15

v2.15.16

v2.15.17

v2.15.18

v2.15.19

v2.15.2

v2.15.20

v2.15.3

v2.15.4

v2.15.5

v2.15.6

v2.15.7

v2.15.8

v2.15.9

v2.16.0

v2.16.1

v2.17.0

v2.17.1

v2.17.10

v2.17.11

v2.17.12

v2.17.13

v2.17.14

v2.17.15

v2.17.16

v2.17.17

v2.17.18

v2.17.19

v2.17.2

v2.17.20

v2.17.21

v2.17.22

v2.17.23

v2.17.24

v2.17.3

v2.17.4

v2.17.5

v2.17.6

v2.17.7

v2.17.8

v2.17.9

v2.18.0

v2.18.1

v2.18.2

v2.19.0

v2.19.1

v2.19.10

v2.19.11

v2.19.12

v2.19.13

v2.19.14

v2.19.2

v2.19.3

v2.19.4

v2.19.5

v2.19.6

v2.19.7

v2.19.8

v2.19.9

v2.2.0

v2.20.0

v2.20.1

v2.20.2

v2.20.3

v2.21.0

v2.21.1

v2.21.2

v2.3.0

v2.4.0

v2.4.1

v2.4.10

v2.4.11

v2.4.12

v2.4.13

v2.4.14

v2.4.15

v2.4.16

v2.4.17

v2.4.18

v2.4.19

v2.4.2

v2.4.20

v2.4.21

v2.4.22

v2.4.23

v2.4.24

v2.4.25

v2.4.26

v2.4.27

v2.4.28

v2.4.29

v2.4.3

v2.4.30

v2.4.4

v2.4.5

v2.4.6

v2.4.7

v2.4.8

v2.4.9

v2.5.0

v2.5.0-rc.0

v2.5.0-rc.1

v2.5.0-rc.2

v2.5.0-rc.3

v2.5.0-rc.4

v2.5.0-rc.5

v2.5.0-rc.6

v2.5.1

v2.5.10

v2.5.11

v2.5.12

v2.5.13

v2.5.14

v2.5.15

v2.5.16

v2.5.2

v2.5.4

v2.5.6

v2.5.7

v2.5.8

v2.5.9

v2.6.0

v2.6.1

v2.6.10

v2.6.11

v2.6.12

v2.6.13

v2.6.14

v2.6.15

v2.6.16

v2.6.17

v2.6.18

v2.6.19

v2.6.2

v2.6.20

v2.6.21

v2.6.22

v2.6.23

v2.6.24

v2.6.25

v2.6.26

v2.6.27

v2.6.29

v2.6.3

v2.6.30

v2.6.31

v2.6.4

v2.6.5

v2.6.6

v2.6.7

v2.6.8

v2.6.9

v2.7.0

v2.7.1

v2.8.0

v2.8.1

v2.9.0

v2.9.1

v2.9.10

v2.9.11

v2.9.12

v2.9.13

v2.9.14

v2.9.15

v2.9.16

v2.9.17

v2.9.18

v2.9.19

v2.9.2

v2.9.20

v2.9.21

v2.9.22

v2.9.23

v2.9.24

v2.9.25

v2.9.26

v2.9.27

v2.9.28

v2.9.29

v2.9.3

v2.9.4

v2.9.5

v2.9.6

v2.9.7

v2.9.8

v2.9.9

v3.*

v3.0.0-rc.0

v3.0.0-rc.1

v3.0.0-rc.10

v3.0.0-rc.11

v3.0.0-rc.12

v3.0.0-rc.13

v3.0.0-rc.14

v3.0.0-rc.15

v3.0.0-rc.16

v3.0.0-rc.17

v3.0.0-rc.18

v3.0.0-rc.19

v3.0.0-rc.2

v3.0.0-rc.20

v3.0.0-rc.21

v3.0.0-rc.22

v3.0.0-rc.23

v3.0.0-rc.24

v3.0.0-rc.25

v3.0.0-rc.26

v3.0.0-rc.27

v3.0.0-rc.29

v3.0.0-rc.3

v3.0.0-rc.30

v3.0.0-rc.31

v3.0.0-rc.32

v3.0.0-rc.33

v3.0.0-rc.34

v3.0.0-rc.35

v3.0.0-rc.36

v3.0.0-rc.37

v3.0.0-rc.38

v3.0.0-rc.4

v3.0.0-rc.40

v3.0.0-rc.41

v3.0.0-rc.42

v3.0.0-rc.43

v3.0.0-rc.44

v3.0.0-rc.45

v3.0.0-rc.46

v3.0.0-rc.5

v3.0.0-rc.6

v3.0.0-rc.7

v3.0.0-rc.8

v3.0.0-rc.9

v3.0.1

v3.0.10

v3.0.11

v3.0.12

v3.0.13

v3.0.14

v3.0.15

v3.0.16

v3.0.2

v3.0.3

v3.0.4

v3.0.5

v3.0.6

v3.0.7

v3.0.8

v3.0.9

v3.1.1

v3.1.5

v3.1.6

v3.1.7

v3.1.8

v3.2.1

v3.2.2

v3.2.3

v3.2.4

v3.2.5

v3.2.6

v3.3.0

v3.3.1

v3.3.2

v3.3.3

v3.4.1

v3.4.10

v3.4.11

v3.4.12

v3.4.13

v3.4.14

v3.4.15

v3.4.16

v3.4.17

v3.4.18

v3.4.19

v3.4.2

v3.4.20

v3.4.21

v3.4.23

v3.4.24

v3.4.25

v3.4.26

v3.4.27

v3.4.28

v3.4.29

v3.4.3

v3.4.30

v3.4.31

v3.4.32

v3.4.33

v3.4.34

v3.4.35

v3.4.36

v3.4.37

v3.4.38

v3.4.39

v3.4.4

v3.4.40

v3.4.41

v3.4.42

v3.4.43

v3.4.44

v3.4.45

v3.4.46

v3.4.47

v3.4.48

v3.4.5

v3.4.50

v3.4.51

v3.4.53

v3.4.54

v3.4.55

v3.4.56

v3.4.57

v3.4.58

v3.4.59

v3.4.6

v3.4.61

v3.4.62

v3.4.63

v3.4.64

v3.4.65

v3.4.66

v3.4.67

v3.4.68

v3.4.69

v3.4.7

v3.4.70

v3.4.71

v3.4.72

v3.4.73

v3.4.8

v3.4.9

v3.5.1

v3.5.10

v3.5.11

v3.5.12

v3.5.13

v3.5.14

v3.5.15

v3.5.16

v3.5.17

v3.5.18

v3.5.19

v3.5.2

v3.5.21

v3.5.22

v3.5.23

v3.5.24

v3.5.25

v3.5.26

v3.5.27

v3.5.28

v3.5.29

v3.5.3

v3.5.30

v3.5.31

v3.5.32

v3.5.33

v3.5.35

v3.5.36

v3.5.37

v3.5.38

v3.5.39

v3.5.4

v3.5.41

v3.5.42

v3.5.43

v3.5.5

v3.5.6

v3.5.7

v3.5.8

v3.6.0

v3.6.1

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-48043.json"