Vulnerability in Elixir-tesla Tesla

CVE-2026-48595

Improper Handling of Case Sensitivity vulnerability in elixir-tesla tesla allows credential leakage to a third-party origin on cross-origin redirects. Tesla.Middleware.FollowRedirects strips security-sensitive headers on cross-origin redi…

EPSS: 0.000 (13.2th percentile) — read the EPSS interpretation.

Affected products

Elixir-tesla Tesla — versions 1.4.0, 2d937d5813d7cda5cd726f41824985fb655c920f

Weakness classification (CWE)

CWE-178 — Improper Handling of Case Sensitivity

References

6b3ad84c-e1a6-4bf7-a703-f496b71e49db (related, vendor-advisory)
6b3ad84c-e1a6-4bf7-a703-f496b71e49db (related)
6b3ad84c-e1a6-4bf7-a703-f496b71e49db (related)
6b3ad84c-e1a6-4bf7-a703-f496b71e49db (patch)