tesla
Hex5 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting teslapage 1 of 1
- CVE-2026-48594HIGHCVSS 8.2EG 8.2✓ Fixed in 1.18.32026-06-02
vulnerable: 0.10.0 ... 1.9.0 (56 versions)
Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-tesla tesla allows a denial of service via decompression bomb in HTTP response bodies. When Tesla.Middleware.DecompressResponse or Tesla.Middleware.C…
- CVE-2026-48595HIGHCVSS 8.2EG 8.2✓ Fixed in 1.18.32026-06-02
vulnerable: 1.10.0 ... 1.9.0 (40 versions)
Improper Handling of Case Sensitivity vulnerability in elixir-tesla tesla allows credential leakage to a third-party origin on cross-origin redirects. Tesla.Middleware.FollowRedirects strips security-sensitive headers on cross-origin redi…
- CVE-2026-48596LOWCVSS 2.1EG 2.1✓ Fixed in 1.18.32026-06-02
vulnerable: 0.10.0 ... 1.9.0 (52 versions)
Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') vulnerability in elixir-tesla tesla allows HTTP header injection via Tesla.Multipart.add_content_type_param/2. Tesla.Multipart.add_content_type_…
- CVE-2026-48597HIGHCVSS 8.2EG 8.2✓ Fixed in 1.18.32026-06-02
vulnerable: 1.10.0 ... 1.9.0 (44 versions)
Allocation of Resources Without Limits or Throttling vulnerability in elixir-tesla tesla allows denial of service via atom table exhaustion in Tesla.Adapter.Mint. Tesla.Adapter.Mint.open_conn/2 converts the URL scheme of every outgoing re…
- CVE-2026-48598LOWCVSS 2.1EG 2.1✓ Fixed in 1.18.32026-06-02
vulnerable: 0.10.0 ... 1.9.0 (52 versions)
Improper Encoding or Escaping of Output vulnerability in elixir-tesla tesla allows multipart part header injection via unescaped Content-Disposition parameter values. Tesla.Multipart.part_headers_for_disposition/1 interpolates each dispos…
Check whether tesla is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for tesla CVEs against the assets you own.
Start Free Scan →