{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-55736", "assignerOrgId": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db", "state": "PUBLISHED", "assignerShortName": "EEF", "dateReserved": "2026-06-17T10:44:34.365Z", "datePublished": "2026-06-23T18:21:13.033Z", "dateUpdated": "2026-06-23T18:21:13.033Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://repo.hex.pm", "cpes": ["cpe:2.3:a:ash-project:ash:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "modules": ["'Elixir.Ash.Changeset'"], "packageName": "ash", "packageURL": "pkg:hex/ash", "product": "ash", "programFiles": ["lib/ash/changeset/changeset.ex"], "programRoutines": [{"name": "'Elixir.Ash.Changeset':cast_params/4"}, {"name": "'Elixir.Ash.Changeset':get_action_argument/2"}, {"name": "'Elixir.Ash.Changeset':atomic_params/4"}, {"name": "'Elixir.Ash.Changeset':has_argument?/2"}], "repo": "https://github.com/ash-project/ash", "vendor": "ash-project", "versions": [{"lessThan": "3.29.3", "status": "affected", "version": "3.0.0", "versionType": "semver"}]}, {"collectionURL": "https://github.com", "cpes": ["cpe:2.3:a:ash-project:ash:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "modules": ["'Elixir.Ash.Changeset'"], "packageName": "ash-project/ash", "packageURL": "pkg:github/ash-project/ash", "product": "ash", "programFiles": ["lib/ash/changeset/changeset.ex"], "programRoutines": [{"name": "'Elixir.Ash.Changeset':cast_params/4"}, {"name": "'Elixir.Ash.Changeset':get_action_argument/2"}, {"name": "'Elixir.Ash.Changeset':atomic_params/4"}, {"name": "'Elixir.Ash.Changeset':has_argument?/2"}], "repo": "https://github.com/ash-project/ash", "vendor": "ash-project", "versions": [{"lessThan": "d9b3100219b3ea86d73202bf7368c03a7688efea", "status": "affected", "version": "5967ed3a483ab949866e6d7b043b043e61703f17", "versionType": "git"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>An action must declare a private argument (one defined with <tt>public?: false</tt>) whose value is meant to be set only by trusted server-side code, and the application must build the changeset from untrusted user-supplied parameters, passing them straight into <tt>Ash.Changeset.for_create/3</tt>, <tt>for_update/3</tt>, <tt>for_destroy/3</tt>, or into an atomic or bulk update.</p>"}], "value": "An action must declare a private argument (one defined with public?: false) whose value is meant to be set only by trusted server-side code, and the application must build the changeset from untrusted user-supplied parameters, passing them straight into Ash.Changeset.for_create/3, for_update/3, for_destroy/3, or into an atomic or bulk update."}], "cpeApplicability": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ash-project:ash:*:*:*:*:*:*:*:*", "versionEndExcluding": "3.29.3", "versionStartIncluding": "3.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "credits": [{"lang": "en", "type": "finder", "value": "Alfred Vi\u00e9"}, {"lang": "en", "type": "remediation reviewer", "value": "Zach Daniel"}, {"lang": "en", "type": "analyst", "value": "Jonatan M\u00e4nnchen / EEF"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in ash-project ash allows a user to set the value of a private action argument that is intended to be controlled only by trusted server-side code.<p>Action arguments declared with <tt>public?: false</tt> are meant to be set internally (for example via <tt>Ash.Changeset.set_private_argument/3</tt>) and must not be settable from end-user input. When a changeset is built from a parameter map, Ash filters out private arguments, but the filtering is incomplete.</p><p>In the regular changeset path (<tt>for_create</tt>, <tt>for_update</tt>, <tt>for_destroy</tt>), private arguments are stripped only when the parameter key is an atom. When the key is a binary (string), as is the case for user-supplied parameters, the private argument is kept and the user controls its value. In the atomic path (<tt>Ash.Changeset.fully_atomic_changeset/4</tt>, also reached through atomic and bulk updates), private arguments are not stripped at all, regardless of whether the key is an atom or a binary.</p><p>An attacker who can submit parameters to an action that defines a private argument can therefore inject a value for that argument. Depending on how the application uses the argument (for example an <tt>acting_user_id</tt> driving authorization or record ownership), this can lead to an integrity violation or privilege escalation.</p><p>This issue affects ash: from 3.0.0 before 3.29.3.</p>"}], "value": "Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in ash-project ash allows a user to set the value of a private action argument that is intended to be controlled only by trusted server-side code.\n\nAction arguments declared with public?: false are meant to be set internally (for example via Ash.Changeset.set_private_argument/3) and must not be settable from end-user input. When a changeset is built from a parameter map, Ash filters out private arguments, but the filtering is incomplete.\n\nIn the regular changeset path (for_create, for_update, for_destroy), private arguments are stripped only when the parameter key is an atom. When the key is a binary (string), as is the case for user-supplied parameters, the private argument is kept and the user controls its value. In the atomic path (Ash.Changeset.fully_atomic_changeset/4, also reached through atomic and bulk updates), private arguments are not stripped at all, regardless of whether the key is an atom or a binary.\n\nAn attacker who can submit parameters to an action that defines a private argument can therefore inject a value for that argument. Depending on how the application uses the argument (for example an acting_user_id driving authorization or record ownership), this can lead to an integrity violation or privilege escalation.\n\nThis issue affects ash: from 3.0.0 before 3.29.3."}], "impacts": [{"capecId": "CAPEC-77", "descriptions": [{"lang": "en", "value": "CAPEC-77 Manipulating User-Controlled Variables"}]}], "metrics": [{"cvssV4_0": {"attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "LOCAL", "baseScore": 5.9, "baseSeverity": "MEDIUM", "privilegesRequired": "NONE", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-915", "description": "CWE-915 Improperly Controlled Modification of Dynamically-Determined Object Attributes", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db", "shortName": "EEF", "dateUpdated": "2026-06-23T18:21:13.033Z"}, "references": [{"tags": ["vendor-advisory", "related"], "url": "https://github.com/ash-project/ash/security/advisories/GHSA-f4hc-ppw9-4hhw"}, {"tags": ["related"], "url": "https://cna.erlef.org/cves/CVE-2026-55736.html"}, {"tags": ["related"], "url": "https://osv.dev/vulnerability/EEF-CVE-2026-55736"}, {"tags": ["patch"], "url": "https://github.com/ash-project/ash/commit/d9b3100219b3ea86d73202bf7368c03a7688efea"}], "source": {"discovery": "EXTERNAL"}, "title": "Private action arguments can be set by user input in Ash", "x_generator": {"engine": "cvelib 1.8.0"}}}}

{}

{}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[3.0.0,3.29.3)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[5967ed3a483ab949866e6d7b043b043e61703f17,d9b3100219b3ea86d73202bf7368c03a7688efea)"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "ash", "vendor": "ash-project"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[3.0.0,3.29.3)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "ash", "source": "cna", "vendor": "ash-project"}, "product": "ash", "vendor": "ash-project"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[5967ed3a483ab949866e6d7b043b043e61703f17,d9b3100219b3ea86d73202bf7368c03a7688efea)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "ash", "source": "cna", "vendor": "ash-project"}, "product": "ash", "vendor": "ash-project"}], "created": "2026-06-23T21:15:07.551889+00:00", "updated": "2026-06-23T22:00:08.989805+00:00", "vendors": ["ash-project", "ash-project$PRODUCT$ash"]}