Hex (Elixir) package
ash_authentication
pkg:hex/ash_authentication
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-32782 | Med | 5.3 | < 4.7.0 | 4.7.0 | Apr 15, 2025 | Ash Authentication provides authentication for the Ash framework. The confirmation flow for account creation currently uses a GET request triggered by clicking a link sent via email. Some email clients and security tools (e.g., Outlook, virus scanners, and email previewers) may a | |
| CVE-2025-25202 | — | >= 4.1.0, < 4.4.9 | 4.4.9 | Feb 11, 2025 | Ash Authentication is an authentication framework for Elixir applications. Applications which have been bootstrapped by the igniter installer present since AshAuthentication v4.1.0 and who have used the magic link strategy _or_ are manually revoking tokens are affected by revoked |
- affected < 4.7.0fixed 4.7.0
Ash Authentication provides authentication for the Ash framework. The confirmation flow for account creation currently uses a GET request triggered by clicking a link sent via email. Some email clients and security tools (e.g., Outlook, virus scanners, and email previewers) may a
- CVE-2025-25202Feb 11, 2025affected >= 4.1.0, < 4.4.9fixed 4.4.9
Ash Authentication is an authentication framework for Elixir applications. Applications which have been bootstrapped by the igniter installer present since AshAuthentication v4.1.0 and who have used the magic link strategy _or_ are manually revoking tokens are affected by revoked