Overview
The Tesla HTTP client library, a popular choice for making HTTP requests in Elixir applications, is vulnerable to a remote denial of service (DoS) attack through atom exhaustion. This vulnerability, identified as CVE-2026-48597, stems from the Mint adapter's improper handling of URL schemes in outgoing requests. Specifically, the `Tesla.Adapter.Mint.open_conn/2` function passes the URL scheme through `String.to_atom/1` without any allow-list validation. This process can lead to the exhaustion of the BEAM atom table, which is limited to approximately 1,048,576 entries, causing the virtual machine (VM) to crash.
Understanding the Vulnerability / Threat
Root Cause Analysis
The fundamental flaw lies in the `Tesla.Adapter.Mint` module, where the URL scheme of every outgoing request is converted to an atom using `String.to_atom/1` without proper validation. Atoms in Erlang (and by extension, Elixir) are permanent and never garbage-collected. This means that once an atom is created, it remains in memory until the VM restarts. The atom table is bounded, and when it reaches its limit, no new atoms can be created, leading to a denial of service.
This vulnerability can be classified under CWE-400: Uncontrolled Resource Consumption.
Attack Surface & Vector
The attack surface has two primary entry points:
1. **Application-level URL-forwarding features**: Any feature that forwards untrusted URLs to `Tesla.get/2` or equivalent functions can be exploited. This includes webhook relays, link previews, and SSRF-style proxies.
2. **Pipelines including `Tesla.Middleware.FollowRedirects`**: An attacker-controlled server can return a `Location` header with a novel scheme, triggering atom creation during redirect follow.
Exploitation Mechanics — Scenario Walkthrough
Scenario: Compromising a Corporate Jenkins Instance via URL Forwarding
1. Initial Position: An attacker gains access to a corporate network and discovers a Jenkins instance that uses a vulnerable version of the Tesla library for its URL forwarding feature.
2. Triggering the Flaw: The attacker sends a series of requests to the Jenkins instance, each with a distinct, previously unseen URL scheme (e.g., `atk1://`, `atk2://`, ...). For example, the attacker crafts an HTTP POST to the Jenkins URL forwarding endpoint with a Content-Type header containing a URL that has a novel scheme.
3. What Breaks: Each request results in the creation of a new atom due to the call to `String.to_atom/1`. Although `Mint` rejects the connection for unrecognized schemes, the atom persists. As the number of requests approaches 1,000,000, the BEAM atom table becomes exhausted.
4. Attacker's Prize: Once the atom table is exhausted, the VM crashes, leading to a denial of service. The attacker achieves a significant impact without needing authentication or special privileges, beyond access to the application's HTTP endpoint.
Real-World Impact
The impact of this vulnerability is significant, with a CVSS score of 8.2 indicating a high severity. Any application using Tesla 1.3.0 through 1.18.2 with `Tesla.Adapter.Mint` that allows untrusted input to influence request URLs is vulnerable to remote denial of service. This can lead to service disruptions, potentially affecting business operations and reputation.
Detection & Defense
Immediate Mitigations
- **Upgrade to Tesla 1.18.3 or later**: This version fixes the vulnerability by properly handling URL schemes and preventing atom exhaustion.
Detection Strategies
- **Monitor for unusual URL schemes**: Implement logging and monitoring to detect requests with unusual or unknown URL schemes.
- **Implement rate limiting**: Limit the number of requests from a single IP or user to prevent rapid atom creation.
- **Use a Web Application Firewall (WAF)**: A WAF can be configured to detect and block malicious traffic patterns.
Long-Term Hardening
- **Validate and sanitize input URLs**: Ensure that all input URLs are validated and sanitized before being processed by the Tesla library.
- **Use a custom URL scheme validator**: Implement a custom validator to check URL schemes against a known list of safe schemes.
- **Regularly update dependencies**: Keep all dependencies, including the Tesla library, up to date to ensure you have the latest security patches.
Key Takeaways
- The Tesla library's Mint adapter is vulnerable to a remote denial of service through atom exhaustion.
- The vulnerability is caused by the improper handling of URL schemes in outgoing requests.
- Upgrading to Tesla 1.18.3 or later fixes the vulnerability.
- Implementing rate limiting, monitoring for unusual URL schemes, and validating input URLs can help mitigate the risk.
Sources
- GitHub Security Advisories: https://github.com/advisories/GHSA-h74c-q9j7-mpcm