tesla
1.20.0
HTTP client library, with support for middleware and multiple adapters.
Current section
5 Advisories
Jump to
Current section
5 Advisories
CRLF injection in Tesla.Multipart disposition parameters allows multipart part header injection
Affected Versions
References
- https://cna.erlef.org/cves/CVE-2026-48598.html
- https://github.com/elixir-tesla/tesla
- https://github.com/elixir-tesla/tesla/commit/bb1a2c3da2775924d96e3db8e315dcc4d5d2246e
- https://github.com/elixir-tesla/tesla/security/advisories/GHSA-28jh-g32x-v9v4
- https://hex.pm/packages/tesla
- https://nvd.nist.gov/vuln/detail/CVE-2026-48598
- https://osv.dev/vulnerability/EEF-CVE-2026-48598
Atom table exhaustion via untrusted URL scheme in Tesla.Adapter.Mint
Affected Versions
References
- https://cna.erlef.org/cves/CVE-2026-48597.html
- https://github.com/elixir-tesla/tesla
- https://github.com/elixir-tesla/tesla/commit/4699c3cb3e2fd6078f99f45f11cf7466aeedbf0e
- https://github.com/elixir-tesla/tesla/security/advisories/GHSA-h74c-q9j7-mpcm
- https://hex.pm/packages/tesla
- https://nvd.nist.gov/vuln/detail/CVE-2026-48597
- https://osv.dev/vulnerability/EEF-CVE-2026-48597
Authorization header leaks to third-party origin on cross-origin redirect in Tesla.Middleware.FollowRedirects
Affected Versions
References
- https://cna.erlef.org/cves/CVE-2026-48595.html
- https://github.com/elixir-tesla/tesla
- https://github.com/elixir-tesla/tesla/commit/db963dba67651b9abd1fc420a1d9679cf6efe182
- https://github.com/elixir-tesla/tesla/security/advisories/GHSA-9m9w-gxf7-rh8m
- https://hex.pm/packages/tesla
- https://nvd.nist.gov/vuln/detail/CVE-2026-48595
- https://osv.dev/vulnerability/EEF-CVE-2026-48595
Decompression bomb in Tesla.Middleware.DecompressResponse and Tesla.Middleware.Compression
Affected Versions
References
- https://cna.erlef.org/cves/CVE-2026-48594.html
- https://github.com/elixir-tesla/tesla
- https://github.com/elixir-tesla/tesla/commit/340f75b5d191dc747ef7ac6365bd002d1cd55a9d
- https://github.com/elixir-tesla/tesla/security/advisories/GHSA-mc85-72gr-vm9f
- https://hex.pm/packages/tesla
- https://nvd.nist.gov/vuln/detail/CVE-2026-48594
- https://osv.dev/vulnerability/EEF-CVE-2026-48594
CRLF injection in Tesla.Multipart.add_content_type_param/2 allows HTTP header injection
Affected Versions
References
- https://cna.erlef.org/cves/CVE-2026-48596.html
- https://github.com/elixir-tesla/tesla
- https://github.com/elixir-tesla/tesla/commit/23601edac5d22ba9407b427967b5bdbda201aec2
- https://github.com/elixir-tesla/tesla/security/advisories/GHSA-q7jx-v53g-848w
- https://hex.pm/packages/tesla
- https://nvd.nist.gov/vuln/detail/CVE-2026-48596
- https://osv.dev/vulnerability/EEF-CVE-2026-48596
Checksum
Dependency Config
mix.exs
rebar.config
Gleam
erlang.mk
Package Details
this version
214 977
yesterday
25 866
last 7 days
156 334
all time
72 695 829