CVEReports
CVEReports

Automated vulnerability intelligence platform. Comprehensive reports for high-severity CVEs generated by AI.

Product

  • Home
  • Sitemap
  • RSS Feed

Company

  • About
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CVEReports. All rights reserved.

Made with love by Amit Schendel & Alon Barad



CVE-2026-48595

CVE-2026-48595: Cross-Origin Credential Leakage in Elixir Tesla Client via Case-Sensitive Redirect Filter Bypass

Alon Barad
Alon Barad
Software Engineer

Jul 10, 2026·5 min read·2 visits

Executive Summary (TL;DR)

Case-sensitive header filtering in Tesla's FollowRedirects middleware fails to strip credentials like 'Authorization' during cross-origin redirects if they contain uppercase characters, leading to token leakage to untrusted hosts.

A high-severity security vulnerability in Elixir's Tesla HTTP client library (CVE-2026-48595) allows unauthenticated remote attackers to harvest sensitive credentials, including Authorization headers and cookies. The flaw resides in the 'Tesla.Middleware.FollowRedirects' component, which performs case-sensitive lookups when stripping credentials during cross-origin redirects. Because HTTP headers are case-insensitive by RFC specifications, standard canonical casing (e.g., 'Authorization') bypasses the lowercase-only blocklist, leaking tokens to untrusted external redirect destinations.

Vulnerability Overview

The Elixir HTTP client library Tesla provides an extensible system of pluggable middleware to intercept and modify outgoing requests and incoming responses. Among these, the 'Tesla.Middleware.FollowRedirects' middleware is widely deployed to automate the handling of HTTP redirect status codes. To ensure standard secure transport practices, this middleware is engineered to strip sensitive authorization materials and routing metadata when transitioning from an authorized source to an external, cross-origin host.

However, a design oversight in version 1.4.0 through 1.18.2 exposed users to credential exposure risks. The validation routine implemented to drop sensitive headers relied on strict case-sensitive comparisons against a hardcoded lowercase blocklist. Because Elixir preservation rules keep the casing of headers as defined by callers, common canonical headers bypassed this sanitation step completely.

This vulnerability is classified under CWE-178 (Improper Handling of Case Sensitivity). If an application communicates with services that support user-supplied URLs or suffer from open redirect flaws, an attacker can manipulate the destination target to capture the intact authentication headers.

Root Cause Analysis

To understand the core flaw, it is necessary to examine how Elixir's Tesla maps HTTP state. Inside the %Tesla.Env{} structure, HTTP headers are represented as an ordered list of two-element tuples, where each tuple contains a header key and its associated value. To guarantee compatibility with lower-level adapters, Tesla retains the precise capitalization provided during request initialization.

According to HTTP RFC 9110, header field names must be treated as case-insensitive. However, the pre-patch middleware implementation assessed filter eligibility using standard Elixir list membership semantics. Specifically, the line k not in @filter_headers executed a direct equality evaluation against the lowercase-only list ["authorization", "host"].

Because the string comparison did not normalize the character case of the runtime headers, any keys possessing capital letters failed the lookup block. The comparison "Authorization" not in ["authorization", "host"] returned true, meaning the header was kept instead of being filtered out. Consequently, the client library successfully transmitted the intact header to the subsequent redirect target.

Code Analysis

The vulnerable version of the library defined a static module attribute @filter_headers and processed keys through a basic filter operation. The block below showcases the original, inadequate validation loop:

# PRE-PATCH VULNERABLE LOGIC
@filter_headers ["authorization", "host"]
 
defp filter_headers(env, prev, next) do
  if next.host != prev.host || next.port != prev.port || next.scheme != prev.scheme do
    %{env | headers: Enum.filter(env.headers, fn {k, _} -> k not in @filter_headers end)}
  else
    env
  end
end

The patched code introduces a robust, RFC-compliant architecture. By converting input keys to lowercase during evaluation, the application establishes case-insensitivity regardless of how callers capitalized the key names:

# PATCHED LOGIC - COMMIT db963dba67651b9abd1fc420a1d9679cf6efe182
@always_strip ~w(
  connection keep-alive proxy-connection te trailer transfer-encoding upgrade
  if-match if-modified-since if-none-match if-range if-unmodified-since
)
 
@cross_origin_strip ~w(
  authorization cookie host origin proxy-authorization referer
)
 
defp filter_headers(env, prev, next, status) do
  drop =
    @always_strip
    |> add_if(cross_origin?(prev, next), @cross_origin_strip)
    |> add_if(method_changes?(status), @method_change_strip)
 
  %{env | headers: Enum.reject(env.headers, &dropped?(&1, drop))}
end
 
defp dropped?({key, _value}, drop), do: String.downcase(key) in drop

The helper function dropped?/2 uses String.downcase(key) before executing the membership check. Furthermore, the expansion of the filter blocklist ensures conformity with RFC 9110 §15.4 directives, preventing secondary exposures of caching validators and hop-by-hop credentials.

Exploitation Methodology

Exploiting this vulnerability relies on an attacker's ability to trigger or manipulate a cross-origin redirect sequence. This pattern is common in applications processing webhooks, interacting with federated APIs, or handling user-influenced file URLs. The following diagram illustrates the sequence of the attack flow:

In a real-world vector, the Elixir client initiates an API request with canonical credentials, such as [{"Authorization", "Bearer token_xyz"}]. The target endpoint issues an HTTP 302 redirect pointing to http://attacker-controlled.com/. Because the domain differs, the middleware attempts to filter the headers but fails due to the uppercase 'A'.

The subsequent request to the attacker's server contains the original header, allowing the attacker to capture the credential. A proof-of-concept repository demonstrating this flow and detailing verification scaffolding is accessible at https://github.com/jenniferreire26/CVE-2026-48595.

Impact Assessment

The vulnerability carries a CVSS 4.0 base score of 8.2, reflecting high confidentiality impact. A successful exploitation allows external adversaries to intercept active session tokens, OAuth bearer strings, and cookie values.

With these credentials, the adversary can impersonate the affected service, elevate privileges, or compromise secondary APIs. The attack requires no prior authentication and can be completed entirely over the network.

While the probability of exploitation remains moderate depending on the design of internal API architectures, the risk is elevated for applications interacting with dynamic third-party resources. Given that most developer toolkits automatically generate capital-cased headers, the vast majority of deployments remain susceptible prior to applying updates.

Remediation & Mitigation

Upgrading the tesla dependency to version 1.18.3 resolves this vulnerability permanently. This release incorporates the downcased header logic and expands the RFC blocklists to prevent credential leakages. Security teams should enforce this dependency constraint inside their Elixir projects.

If updating the library is temporarily blocked, developers can implement a custom pipeline plug to normalize all header keys to lowercase. By converting keys prior to hitting the FollowRedirects middleware, the case-sensitive filter routine evaluates the headers correctly:

defmodule MyApplication.HeaderSanitizer do
  def normalize_headers(env, next) do
    normalized = Enum.map(env.headers, fn {k, v} -> {String.downcase(k), v} end)
    %{env | headers: normalized} |> Tesla.run(next)
  end
end

Additionally, developers can manually define authorization parameters using strictly lowercase keys in their HTTP client calls. Doing so aligns the inputs with the legacy blocklist logic, enabling safe sanitization on redirection.

Official Patches

elixir-teslaOfficial patch implementing case-insensitive filtering for redirects.

Fix Analysis (1)

Technical Appendix

CVSS Score
8.2/ 10
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
EPSS Probability
0.40%
Top 68% most exploited

Affected Systems

Elixir systems integrating the elixir-tesla/tesla library with active follow-redirect modules.

Affected Versions Detail

Product
Affected Versions
Fixed Version
tesla
elixir-tesla
>= 1.4.0, < 1.18.31.18.3
AttributeDetail
CWE IDCWE-178
Attack VectorNetwork (Remote)
CVSS v4 Score8.2 (High)
EPSS Score0.00396 (0.40%)
Exploit StatusProof of Concept (PoC) Publicly Available
CISA KEV StatusNot Listed

MITRE ATT&CK Mapping

T1557Adversary-in-the-Middle
Credential Access
CWE-178
Improper Handling of Case Sensitivity

The software does not account for case sensitivity variations when parsing, matching, or validating inputs, which can allow attackers to bypass security filters.

Known Exploits & Detection

GitHubProof of Concept validation environment for reproducing the case-sensitivity bypass in elixir-tesla.

Vulnerability Timeline

Vulnerability discovered and fix commit db963dba pushed.
2026-06-02
Tesla version 1.18.3 tagged and released with security hotfixes.
2026-06-02
Official GHSA security advisory GHSA-9m9w-gxf7-rh8m published.
2026-06-02
NVD record published and synchronized.
2026-06-17

References & Sources

  • [1]GitHub Security Advisory - GHSA-9m9w-gxf7-rh8m
  • [2]CNA EEF Advisory Record
  • [3]OSV Entry
  • [4]CVE.org Record Database

Attack Flow Diagram

Press enter or space to select a node. You can then use the arrow keys to move the node around. Press delete to remove it and escape to cancel.
Press enter or space to select an edge. You can then press delete to remove it or escape to cancel.

More Reports

•13 minutes ago•CVE-2026-48596
2.1

CVE-2026-48596: Improper Neutralization of CRLF Sequences in Elixir Tesla Multipart HTTP Client

CVE-2026-48596 is an Improper Neutralization of CRLF Sequences in HTTP Headers (HTTP Request/Response Splitting, CWE-113) in the Elixir Tesla HTTP client. The flaw resides in how multipart content-type parameters are joined and serialized, enabling attackers to inject arbitrary headers or split HTTP requests when applications pass untrusted inputs to the parameters of multipart uploads.

Alon Barad
Alon Barad
1 views•6 min read
•43 minutes ago•CVE-2026-48594
8.2

CVE-2026-48594: Decompression Bomb Denial of Service in Elixir Tesla HTTP Client

An improper handling of highly compressed data (decompression bomb) vulnerability exists in the Elixir Tesla HTTP client when utilizing response decompression middlewares. By serving highly compressed responses or stacked content-encoding headers, a malicious server can cause arbitrary heap exhaustion, leading to a denial of service (DoS) crash in the BEAM virtual machine.

Amit Schendel
Amit Schendel
1 views•6 min read
•about 2 hours ago•CVE-2026-48597
8.2

CVE-2026-48597: Denial of Service via Atom Table Exhaustion in Elixir Tesla Client (Mint Adapter)

CVE-2026-48597 is a high-severity Denial of Service (DoS) vulnerability in the Elixir HTTP client library Tesla (specifically involving the Mint adapter) that allows an unauthenticated remote attacker to cause an unrecoverable crash of the Erlang Virtual Machine (BEAM). The flaw arises from the dynamic conversion of untrusted URL schemes into Erlang atoms without validation, leading to global atom table exhaustion.

Alon Barad
Alon Barad
3 views•8 min read
•about 2 hours ago•CVE-2026-48598
2.1

CVE-2026-48598: Multipart Part Header Injection and Request Smuggling in elixir-tesla

An Improper Encoding or Escaping of Output vulnerability (CWE-116) in elixir-tesla allowed unauthenticated remote code execution or request smuggling via unescaped Content-Disposition parameters in multipart form-data requests.

Amit Schendel
Amit Schendel
5 views•5 min read
•about 3 hours ago•CVE-2026-49851
7.5

CVE-2026-49851: Algorithmic Complexity Denial of Service in Mistune Markdown Parser

CVE-2026-49851 is a high-severity algorithmic complexity vulnerability in the Mistune Markdown parser. Under specific conditions involving dense, unmatched nesting of opening square brackets, the parser fallback loops degrade from linear execution time to a worst-case quadratic complexity. This allows unauthenticated remote attackers to trigger complete CPU exhaustion and subsequent Denial of Service with a highly compact payload.

Alon Barad
Alon Barad
8 views•6 min read
•about 3 hours ago•CVE-2026-48862
8.2

CVE-2026-48862: Unbounded Resource Allocation via HTTP/2 PUSH_PROMISE Flooding in Mint

An allocation of resources without limits or throttling vulnerability in the Elixir Mint HTTP client library allows malicious HTTP/2 servers to trigger memory exhaustion and application denial of service. The flaw exists because Mint fails to validate server-push concurrency limits during the receipt of PUSH_PROMISE frames, deferring validation to the HEADERS phase. This allows a server to reserve an unlimited number of streams in the client's memory map.

Amit Schendel
Amit Schendel
6 views•7 min read