Description

Insufficient Session Expiration vulnerability in ash-project ash_authentication_phoenix allows Session Hijacking. This vulnerability is associated with program files lib/ash_authentication_phoenix/controller.ex. This issue affects ash_authentication_phoenix until 2.10.0.

INFO

Published Date :

2025-06-17T14:31:37.006Z

Last Modified :

2026-04-06T16:44:00.150Z

Source :

EEF
AFFECTED PRODUCTS

The following products are affected by CVE-2025-4754 vulnerability.

Vendors Products
Team-alembic
  • Ash Authentication Phoenix
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-4754.

URL Resource
https://cna.erlef.org/cves/CVE-2025-4754.html cve-icon cve-icon
https://github.com/team-alembic/ash_authentication_phoenix/commit/a3253fb4fc7145aeb403537af1c24d3a8d51ffb1 cve-icon cve-icon
https://github.com/team-alembic/ash_authentication_phoenix/pull/634 cve-icon cve-icon
https://github.com/team-alembic/ash_authentication_phoenix/security/advisories/GHSA-f7gq-h8jv-h3cq cve-icon cve-icon
https://osv.dev/vulnerability/EEF-CVE-2025-4754 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability