CVE-2026-48597: Tesla Mint Adapter BEAM Atom Table Exhaustion via Untrusted URL Scheme
Tesla's Mint adapter converts attacker-controlled URL schemes into permanent BEAM atoms with no validation, letting anyone crash an Elixir application by flooding it with ~1 million unique scheme stri
The problem
In `Tesla.Adapter.Mint.open_conn/2`, every outgoing request's URL scheme is passed directly to `String.to_atom/1` before being forwarded to `Mint.HTTP.connect/4`. No allowlist or format check is applied first.
BEAM atoms are permanent and never garbage-collected. The VM atom table caps at roughly 1,048,576 entries. An attacker who can influence the URL of any Tesla request can create one new permanent atom per request and eventually fill the table, crashing the entire VM and taking down the application.
Proof of concept
A working proof-of-concept for CVE-2026-48597 in tesla, with the exact payload below.
# Attack vector 1: direct URL-forwarding feature
# Send ~1,000,000 HTTP requests, each with a distinct novel scheme.
# Example (bash loop hitting a webhook-relay endpoint):
for i in $(seq 1 1000000); do
curl -s "https://target.example.com/fetch?url=atk${i}://evil.example.com" &
done
# Attack vector 2: FollowRedirects pipeline
# Attacker controls a server that returns a redirect to a novel scheme.
# Each followed redirect interns one new atom before Mint raises.
HTTP/1.1 302 Found
Location: atk1://evil.example.com/
# Repeat with atk2://, atk3:// ... until atom table is exhausted.The root cause is CWE-770: unbounded resource allocation. `String.to_atom/1` interns any string as a new permanent atom if it does not already exist. The vulnerable code in `lib/tesla/adapter/mint.ex` passes `uri.scheme` straight to that function, before the `with "https" <- uri.scheme` guard that controls TLS options.
This means the atom is created regardless of whether the scheme is valid or not. Mint raises on an unrecognised scheme, but the atom has already been written to the table at that point.
The patch (commit 4699c3c) adds an explicit scheme allowlist check at the top of `open_conn/2`, returning an error for any scheme other than `"http"` or `"https"` before `String.to_atom/1` is ever reached. This ensures the atom table can only ever grow by the two atoms that were already interned at compile time.
The fix
Upgrade to **tesla 1.18.3** or later. The patch commit is `4699c3cb3e2fd6078f99f45f11cf7466aeedbf0e`. If an immediate upgrade is not possible, ensure that all application-level code that forwards user-supplied URLs through Tesla validates the scheme against an explicit allowlist (`http` or `https`) before the request is made, and that `Tesla.Middleware.FollowRedirects` is not used when the redirect target host or scheme is attacker-controlled.
Reported by PJUllrich.
Related research
- highCVE-2026-48594CVE-2026-48594: Tesla Middleware Decompression Bomb (DoS)
- highCVE-2026-49754CVE-2026-49754: Mint HTTP/2 CONTINUATION Flood Memory Exhaustion
- highCVE-2026-48862CVE-2026-48862: Mint HTTP/2 Client Memory Exhaustion via PUSH_PROMISE Flood
- highCVE-2026-47067CVE-2026-47067: hackney Atom-Table Exhaustion via URL Scheme Parsing