CVEReports
CVEReports

Automated vulnerability intelligence platform. Comprehensive reports for high-severity CVEs generated by AI.

Product

  • Home
  • Sitemap
  • RSS Feed

Company

  • About
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CVEReports. All rights reserved.

Made with love by Amit Schendel & Alon Barad



CVE-2026-48598

CVE-2026-48598: Multipart Part Header Injection and Request Smuggling in elixir-tesla

Amit Schendel
Amit Schendel
Senior Security Researcher

Jul 10, 2026·5 min read·4 visits

Executive Summary (TL;DR)

Unescaped carriage returns, line feeds, and double-quotes in elixir-tesla's multipart module allow multipart header injection and request smuggling.

An Improper Encoding or Escaping of Output vulnerability (CWE-116) in elixir-tesla allowed unauthenticated remote code execution or request smuggling via unescaped Content-Disposition parameters in multipart form-data requests.

Vulnerability Overview

The elixir-tesla library serves as a widely adopted HTTP client framework within the Elixir ecosystem, offering modular middleware and simple HTTP request building. One of its crucial components is the Tesla.Multipart module, which handles the serialization of multipart form-data. This format is commonly used to transfer binary file data and associated metadata to upstream web services.

When applications ingest file metadata from unauthenticated users and forward it downstream, they expose a highly sensitive interface. If the client library fails to escape structural characters, this dynamic user input can alter the overall structure of the HTTP multipart message body.

CVE-2026-48598 exposes an input-validation vulnerability classified as CWE-116 within this serialization pipeline. An attacker who controls metadata such as filenames can construct malicious inputs that break out of the header context. This flaw alters downstream boundary evaluations and allows subsequent header fields to be injected.

Root Cause Analysis

The underlying flaw resides within the private part_headers_for_disposition/1 function inside lib/tesla/multipart.ex. This function is responsible for iterating over a keyword list of disposition parameters and converting them into format-compliant headers. It serializes these parameters using simple string interpolation without performing escaping or sanitation.

Specifically, the function maps over key-value pairs using the pattern #{k}="#{v}". It joins the mapped values into a semicolon-delimited string and appends a single CRLF sequence to finalize the Content-Disposition line. If a parameter value contains a double-quote character, it prematurely terminates the quoted string boundary.

If the value contains carriage return or line feed characters, it ends the HTTP header line itself. The remaining injected payload is then interpreted as a distinct HTTP header or even a premature body boundary. This structural manipulation is illustrated in the diagram below.

Code Analysis

To analyze the vulnerable implementation, observe how parameter values were directly concatenated without character verification in lib/tesla/multipart.ex prior to version 1.18.3:

def part_headers_for_disposition([]), do: []
def part_headers_for_disposition(kvs) do
  ds =
    kvs
    # Vulnerable interpolation lacking escaping or validation
    |> Enum.map(fn {k, v} -> "#{k}=\"#{v}\"" end)
    |> Enum.join("; ")
  ["Content-Disposition: form-data; #{ds}\r\n"]
end

The initial remediation commit bb1a2c3da2775924d96e3db8e315dcc4d5d2246e mitigated this by introducing basic assertion helpers. These checks search for forbidden control characters and double-quotes within each evaluated disposition value:

# Introduced assertion to intercept structural characters
def part_headers_for_disposition(kvs) do
  ds =
    kvs
    |> Enum.map(fn {k, v} ->
      v_str = to_string(v)
      :ok = assert_disposition_value!(k, v_str)
      "#{k}=\"#{v_str}\""
    end)
    |> Enum.join("; ")
  ["content-disposition: form-data; #{ds}\r\n"]
end

To prevent sophisticated bypasses, the subsequent commit 23601edac5d22ba9407b427967b5bdbda201aec2 implemented strict RFC 7230 and RFC 7231 Whitelist validation using binary pattern matching. Rather than simply blocking known bad characters, this implementation validates every character against standard token definition rules.

Exploitation & Proof-of-Concept

An attack relies on the target application receiving file metadata from untrusted sources and passing it directly into Tesla.Multipart.add_file/3 or add_file_content/4. For instance, a web service that accepts user uploads and replicates them to a downstream object-store API acts as a potential forwarding proxy.

To exploit this vulnerability, the attacker registers a file upload using a crafted filename containing quotes and line-ending sequences. A typical payload contains a filename like file.txt"\r\nContent-Type: application/x-php\r\n\r\n<?php phpinfo(); ?>\r\n--boundary--. During serialization, the client library constructs the outbound HTTP body using this raw string.

When the downstream system processes the request, it encounters the injected line breaks. It evaluates the injected content-type and body data as separate entities, bypassing filename or extension validations. This allows attackers to perform multipart request smuggling or spoof upload metadata.

Impact Assessment

The CVSS Base Score is officially rated at 2.1, representing low overall severity due to the local attack vector requirement. Because the library executes inside the context of the calling application, exploitation requires the application itself to expose vulnerable pathways. It does not directly affect the confidentiality, integrity, or availability of the underlying server.

However, the subsequent system integrity rating is classified as low because this vulnerability alters the integrity of data sent to downstream processors. If downstream systems trust the integrity of incoming multipart metadata, they may execute arbitrary commands, allow directory traversal, or process forged requests.

According to the Exploit Prediction Scoring System, the probability of active exploitation in the wild is currently low. Developers must still address this vulnerability since it acts as a secondary exploitation channel inside microservice architectures.

Remediation & Best Practices

The primary recommendation is to update the tesla dependency to version 1.18.3 or later. This version introduces RFC-compliant character checking that raises an ArgumentError when unescaped characters are detected.

If the dependency cannot be immediately updated, developers must implement strict server-side validation. Filenames and parameter inputs must be filtered to remove double-quotes, carriage returns, and line feeds before calling the client library.

Additionally, applications must wrap multipart creation inside structured try/rescue blocks. Because the patch throws runtime errors when bad input is detected, failing to catch these exceptions can expose the application to denial-of-service vulnerabilities through intentional application crashes.

Official Patches

elixir-teslaInitial input-validation sanitizer commit
elixir-teslaFollow-up RFC-compliant input-whitelisting validation

Fix Analysis (2)

Technical Appendix

CVSS Score
2.1/ 10
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N
EPSS Probability
0.14%
Top 96% most exploited

Affected Systems

elixir-tesla

Affected Versions Detail

Product
Affected Versions
Fixed Version
tesla
elixir-tesla
>= 0.8.0, < 1.18.31.18.3
AttributeDetail
CWE IDCWE-116
Attack VectorLocal
CVSS v4.0 Score2.1 (Low)
EPSS Score0.00143
ImpactLow Subsequent System Integrity
Exploit StatusProof of Concept
KEV StatusNot Listed

MITRE ATT&CK Mapping

T1190Exploit Public-Facing Application
Initial Access
T1071.001Web Protocols
Command and Control
CWE-116
Improper Encoding or Escaping of Output

The software receives input from an upstream component but does not encode or escape the output before constructing a structured message.

Known Exploits & Detection

GitHub Security AdvisoryDetailed discussion and description of the vulnerability.

Vulnerability Timeline

Vulnerability reported and initial validation patch committed
2026-06-02
Strict RFC-compliant whitelisting implemented and version 1.18.3 released
2026-06-02
GitHub Security Advisory and EEF CNA records published
2026-06-02
National Vulnerability Database record finalized
2026-06-17

References & Sources

  • [1]CVE-2026-48598 on CVE.org
  • [2]GHSA-28jh-g32x-v9v4 Advisory on GitHub
  • [3]Erlang Ecosystem Foundation CNA Advisory
  • [4]OSV Registry Record for CVE-2026-48598

Attack Flow Diagram

Press enter or space to select a node. You can then use the arrow keys to move the node around. Press delete to remove it and escape to cancel.
Press enter or space to select an edge. You can then press delete to remove it or escape to cancel.

More Reports

•14 minutes ago•CVE-2026-48597
8.2

CVE-2026-48597: Denial of Service via Atom Table Exhaustion in Elixir Tesla Client (Mint Adapter)

CVE-2026-48597 is a high-severity Denial of Service (DoS) vulnerability in the Elixir HTTP client library Tesla (specifically involving the Mint adapter) that allows an unauthenticated remote attacker to cause an unrecoverable crash of the Erlang Virtual Machine (BEAM). The flaw arises from the dynamic conversion of untrusted URL schemes into Erlang atoms without validation, leading to global atom table exhaustion.

Alon Barad
Alon Barad
2 views•8 min read
•about 1 hour ago•CVE-2026-49851
7.5

CVE-2026-49851: Algorithmic Complexity Denial of Service in Mistune Markdown Parser

CVE-2026-49851 is a high-severity algorithmic complexity vulnerability in the Mistune Markdown parser. Under specific conditions involving dense, unmatched nesting of opening square brackets, the parser fallback loops degrade from linear execution time to a worst-case quadratic complexity. This allows unauthenticated remote attackers to trigger complete CPU exhaustion and subsequent Denial of Service with a highly compact payload.

Alon Barad
Alon Barad
7 views•6 min read
•about 2 hours ago•CVE-2026-48862
8.2

CVE-2026-48862: Unbounded Resource Allocation via HTTP/2 PUSH_PROMISE Flooding in Mint

An allocation of resources without limits or throttling vulnerability in the Elixir Mint HTTP client library allows malicious HTTP/2 servers to trigger memory exhaustion and application denial of service. The flaw exists because Mint fails to validate server-push concurrency limits during the receipt of PUSH_PROMISE frames, deferring validation to the HEADERS phase. This allows a server to reserve an unlimited number of streams in the client's memory map.

Amit Schendel
Amit Schendel
5 views•7 min read
•about 3 hours ago•CVE-2026-52778
9.8

CVE-2026-52778: Unauthenticated Remote Code Execution and ReDoS in YesWiki Bazar Formula Calculator

An unsafe execution vulnerability exists in the Bazar form field calculator (CalcField.php) of YesWiki prior to version 4.6.6. The application attempts to validate mathematical formulas using a complex recursive regular expression before passing them to the PHP eval() function. This design leads to both Regular Expression Denial of Service (ReDoS) and Remote Code Execution (RCE) via validation bypass.

Alon Barad
Alon Barad
4 views•7 min read
•about 4 hours ago•CVE-2026-54651
5.5

CVE-2026-54651: Infinite Loop Vulnerability in pypdf Article Thread Parser

An infinite loop vulnerability exists in the pure-Python PDF library pypdf prior to version 6.13.1. When parsing or merging a crafted PDF file containing a cyclic Article/Thread structure, the library fails to exit its traversal loop. This causes the executing thread to hang indefinitely, leading to 100% CPU utilization and a denial of service. The vulnerability is tracked under CVE-2026-54651 and GHSA-g9xf-7f8q-9mcj, with a CVSS base score of 5.5. This technical report provides a root cause analysis, code review, exploitation vectors, and mitigation paths.

Alon Barad
Alon Barad
7 views•7 min read
•about 8 hours ago•GHSA-387M-935M-C4VW
7.5

GHSA-387m-935m-c4vw: Unbounded HTTP Redirections Enable Infinite Loop Denial of Service in Micronaut HTTP Client

The Netty-based HTTP Client in the Micronaut framework fails to enforce a maximum redirect ceiling by default when processing HTTP responses. This permits remote, attacker-controlled servers to trigger continuous, infinite redirect loops. The resulting recursion causes high CPU utilization, thread starvation, and potential memory exhaustion, inducing a Denial of Service (DoS) state in client-side applications.

Amit Schendel
Amit Schendel
6 views•6 min read