
CVE-2026-48594 — Decompression bomb in Tesla.Middleware.DecompressResponse and Tesla.Middleware.Compression

AI Predicted: 7.5 · Difficulty: Easy

Possible ATT&CK Techniques (1, AI-predicted)

T1496 · Resource Hijacking

Affected Version Matrix (2)

Vendor       | Product | Version Range                                                                                       | Status
elixir-tesla | tesla   | >= 0.6.0, < 1.18.3                                                                                  | affected
elixir-tesla | tesla   | >= 5bd90bb5cf0d15e375edc2a66fa322292940fce2, < 340f75b5d191dc747ef7ac6365bd002d1cd55a9d (commits) | affected

I. Basic Information for CVE-2026-48594

Vulnerability Information


Vulnerability Title
Decompression bomb in Tesla.Middleware.DecompressResponse and Tesla.Middleware.Compression
Source: NVD (National Vulnerability Database)
Vulnerability Description
Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-tesla tesla allows a denial of service via decompression bomb in HTTP response bodies. When Tesla.Middleware.DecompressResponse or Tesla.Middleware.Compression is included in a Tesla middleware pipeline, HTTP response bodies are decompressed eagerly with no size limit. The decompress_body/2 function in lib/tesla/middleware/compression.ex passes the entire response body to :zlib.gunzip/1 or :zlib.unzip/1 without any cap on the output size. Additionally, compression_algorithms/1 splits the content-encoding header on commas and decompress_body/2 recurses once per token, applying a decompression pass on each iteration. A server advertising content-encoding: gzip, gzip, gzip, gzip causes four recursive decompression passes, yielding exponential amplification: each gzip layer can expand its input roughly 1000x, so a payload of a few hundred bytes on the wire inflates to gigabytes of BEAM heap, exhausting memory and crashing or freezing the calling process. This issue affects tesla: from 0.6.0 before 1.18.3.
Source: NVD (National Vulnerability Database)
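The description above names two defects: the whole body is handed to :zlib.gunzip/1 or :zlib.unzip/1 with no output cap, and every comma-separated token in content-encoding triggers another full decompression pass. The following Elixir module is an added example written for this page, not Tesla's code and not the upstream fix; it shows the shape of a bounded decoder that closes both gaps by inflating in chunks with :zlib.safeInflate/2, aborting once the output passes a byte limit, and refusing a header that lists more layers than a client should ever accept. The module name, the 10 MiB and two-layer limits, and the option names are assumptions chosen for illustration.

```elixir
defmodule BoundedDecompress do
  # Added example, not Tesla's code. Decompresses an HTTP response body with a
  # hard cap on the inflated size and on the number of content-encoding layers.
  # Both limits are assumptions; tune them per client.
  @max_bytes 10 * 1024 * 1024
  @max_layers 2

  @doc """
  Returns {:ok, decoded_body} or {:error, reason}.

      iex> gz = :zlib.gzip("hello")
      iex> BoundedDecompress.decompress(gz, "gzip")
      {:ok, "hello"}
      iex> BoundedDecompress.decompress(:zlib.gzip(gz), "gzip, gzip, gzip")
      {:error, {:too_many_encodings, 3}}
      iex> big = :zlib.gzip(:binary.copy(<<0>>, 50_000_000))
      iex> BoundedDecompress.decompress(big, "gzip", max_bytes: 1_000_000)
      {:error, {:decompressed_size_exceeded, 1000000}}
  """
  def decompress(body, nil, _opts), do: {:ok, body}

  def decompress(body, content_encoding, opts \\ []) do
    max_bytes = Keyword.get(opts, :max_bytes, @max_bytes)
    max_layers = Keyword.get(opts, :max_layers, @max_layers)

    # RFC 9110 lists codings in the order they were applied, so decode in reverse.
    encodings =
      content_encoding
      |> String.downcase()
      |> String.split(",", trim: true)
      |> Enum.map(&String.trim/1)
      |> Enum.reject(&(&1 in ["", "identity"]))
      |> Enum.reverse()

    if length(encodings) > max_layers do
      # Reject the header before touching zlib: the layer count is the
      # exponent in the amplification the description lays out.
      {:error, {:too_many_encodings, length(encodings)}}
    else
      Enum.reduce_while(encodings, {:ok, body}, fn enc, {:ok, acc} ->
        case inflate(acc, enc, max_bytes) do
          {:ok, out} -> {:cont, {:ok, out}}
          {:error, _} = err -> {:halt, err}
        end
      end)
    end
  end

  # Window bits 31 selects gzip framing (what :zlib.gunzip/1 expects);
  # -15 selects raw deflate (what :zlib.unzip/1 expects).
  defp inflate(data, enc, max) when enc in ["gzip", "x-gzip"], do: inflate_bounded(data, 31, max)
  defp inflate(data, "deflate", max), do: inflate_bounded(data, -15, max)
  defp inflate(_data, other, _max), do: {:error, {:unsupported_encoding, other}}

  defp inflate_bounded(data, window_bits, max) do
    z = :zlib.open()

    try do
      :ok = :zlib.inflateInit(z, window_bits)
      inflate_loop(z, data, [], 0, max)
    rescue
      # Corrupt or truncated input raises e.g. :data_error inside zlib.
      e in ErlangError -> {:error, {:zlib, e.original}}
    after
      :zlib.close(z)
    end
  end

  # :zlib.safeInflate/2 returns output in bounded chunks, so the size check
  # runs before the next chunk is produced; after the first call the
  # remaining buffered input is drained by passing [].
  defp inflate_loop(z, input, acc, size, max) do
    {status, out} = :zlib.safeInflate(z, input)
    size = size + IO.iodata_length(out)

    cond do
      size > max -> {:error, {:decompressed_size_exceeded, max}}
      status == :continue -> inflate_loop(z, [], [acc, out], size, max)
      true -> {:ok, IO.iodata_to_binary([acc, out])}
    end
  end
end
```

The size cap is enforced per layer, so a body that stays under the limit at every layer is still bounded overall by max_bytes times max_layers; the layer cap is what keeps that product small. Returning {:error, _} rather than raising lets a middleware turn the rejection into a client-side error without crashing the calling process.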
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
Improper Handling of Highly Compressed Data (Data Amplification)
Source: NVD (National Vulnerability Database)

Affected Products

Vendor       | Product | Affected Versions                                                                                  | CPE
elixir-tesla | tesla   | 0.6.0 ~ 1.18.3                                                                                     | cpe:2.3:a:elixir-tesla:tesla:*:*:*:*:*:*:*:*
elixir-tesla | tesla   | 5bd90bb5cf0d15e375edc2a66fa322292940fce2 ~ 340f75b5d191dc747ef7ac6365bd002d1cd55a9d (commits)    | cpe:2.3:a:elixir-tesla:tesla:*:*:*:*:*:*:*:*

II. Public POCs for CVE-2026-48594


No public POC found.


III. Intelligence Information for CVE-2026-48594


Patches & Fixes for CVE-2026-48594 (1)

Vendor Advisories for CVE-2026-48594 (2)

Other References for CVE-2026-48594 (1)

Same Patch Batch · elixir-tesla · 2026-06-02 · 5 CVEs total

CVE-2026-48598 · CRLF injection in Tesla.Multipart disposition parameters allows multipart part header inje
CVE-2026-48596 · CRLF injection in Tesla.Multipart.add_content_type_param/2 allows HTTP header injection
CVE-2026-48595 · Authorization header leaks to third-party origin on cross-origin redirect in Tesla.Middlew
CVE-2026-48597 · Atom table exhaustion via untrusted URL scheme in Tesla.Adapter.Mint

IV. Related Vulnerabilities

V. Comments for CVE-2026-48594

No comments yet

