ash-hq ash_framework CVE Vulnerabilities (1)

CVEs: 1 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities affecting ash-hq ash_framework (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

Showing 11 of 1 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2026-34593 Ash Framework is a declarative, extensible framework for building Elixir applications. Prior to version 3.22.0, Ash.Type.Module.cast_input/2 unconditionally creates a new Erlang atom via Module.concat([value]) for any user-supplied binary string that starts with "Elixir.", before verifying whether the referenced module exists. Because Erlang atoms are never garbage-collected and the BEAM atom table has a hard default limit of approximately 1,048,576 entries, an attacker who can submit values to [email protected] 8.2 0.42% 2026-04-02 2026-06-17
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence