Vulnerability in Elixir-tesla Tesla

CVE-2026-48598

Improper Encoding or Escaping of Output vulnerability in elixir-tesla tesla allows multipart part header injection via unescaped Content-Disposition parameter values. Tesla.Multipart.part_headers_for_disposition/1 interpolates each dispos…

EPSS: 0.000 (2.6th percentile) — read the EPSS interpretation.

Affected products

Elixir-tesla Tesla — versions 0.8.0, 6ebfdb9abe9c6f119408045b933d82462decd351

Weakness classification (CWE)

CWE-116 — Improper Encoding or Escaping of Output

References

6b3ad84c-e1a6-4bf7-a703-f496b71e49db (related, vendor-advisory)
6b3ad84c-e1a6-4bf7-a703-f496b71e49db (related)
6b3ad84c-e1a6-4bf7-a703-f496b71e49db (related)
6b3ad84c-e1a6-4bf7-a703-f496b71e49db (patch)