CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

CVE-2026-48596

Improper Neutralization of CRLF Sequences in HTTP Headers 'HTTP Request/Response Splitting' vulnerability in elixir-tesla tesla allows HTTP header injection via Tesla.Multipart.addcontenttypeparam/2. Tesla.Multipart.addcontenttypeparam/2 appends caller-supplied strings to the multipart...

2.1CVSS5.9AI score0.00021EPSS

Exploits0References1

RedhatCVE•added 11 hours ago•3 views

CVE-2026-48594

Improper Handling of Highly Compressed Data Data Amplification vulnerability in elixir-tesla tesla allows a denial of service via decompression bomb in HTTP response bodies. When Tesla.Middleware.DecompressResponse or Tesla.Middleware.Compression is included in a Tesla middleware pipeline, HTTP...

8.2CVSS5.8AI score0.00042EPSS

Exploits0References1

RedhatCVE•added yesterday•4 views

CVE-2026-48595

Improper Handling of Case Sensitivity vulnerability in elixir-tesla tesla allows credential leakage to a third-party origin on cross-origin redirects. Tesla.Middleware.FollowRedirects strips security-sensitive headers on cross-origin redirects using a case-sensitive string comparison against a...

8.2CVSS5.8AI score0.00042EPSS

Exploits0References1

OSV•added 2 days ago•4 views

EEF-CVE-2026-48596 CRLF injection in Tesla.Multipart.add_content_type_param/2 allows HTTP header injection

Summary Improper Neutralization of CRLF Sequences in HTTP Headers 'HTTP Request/Response Splitting' vulnerability in elixir-tesla tesla allows HTTP header injection via Tesla.Multipart.addcontenttypeparam/2. Tesla.Multipart.addcontenttypeparam/2 appends caller-supplied strings to the multipart...

2.1CVSS5.9AI score0.00021EPSS

Exploits0References4

Vulnrichment•added 2 days ago•2 views

CVE-2026-48596 CRLF injection in Tesla.Multipart.add_content_type_param/2 allows HTTP header injection

2.1CVSS5.9AI score0.00021EPSS

Exploits0References4

Vulnrichment•added 2 days ago•4 views

CVE-2026-48595 Authorization header leaks to third-party origin on cross-origin redirect in Tesla.Middleware.FollowRedirects

8.2CVSS5.8AI score0.00042EPSS

Exploits0References4

ATTACKERKB•added 2 days ago•5 views

CVE-2026-48597

Allocation of Resources Without Limits or Throttling vulnerability in elixir-tesla tesla allows denial of service via atom table exhaustion in Tesla.Adapter.Mint. Tesla.Adapter.Mint.openconn/2 converts the URL scheme of every outgoing request to a BEAM atom via String.toatomuri.scheme with no...

8.2CVSS5.8AI score0.00042EPSS

Exploits0References5Affected Software1

Positive Technologies•added 2 days ago•7 views

PT-2026-45839

Improper Neutralization of CRLF Sequences in HTTP Headers 'HTTP Request/Response Splitting' vulnerability in elixir-tesla tesla allows HTTP header injection via Tesla.Multipart.add content type param/2. Tesla.Multipart.add content type param/2 appends caller-supplied strings to the multipart...

2.1CVSS5.9AI score0.00021EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by