The vulnerability in elixir-tesla tesla's FollowRedirects middleware stems from a case-sensitive string comparison against a lowercase filter list to remove security-sensitive headers during cross-origin redirects. HTTP headers are case-insensitive per RFC 7230, but tesla preserves header key casing as supplied, causing headers such as "Authorization" (capitalized) to bypass the filter and be forwarded to redirect targets. This behavior allows an attacker who can control or influence the Location header in redirect responses to capture bearer tokens or other authorization credentials. The flaw affects tesla versions from 1.4.0 up to but not including 1.18.3. No official remediation level or patch link is provided in the data, and no known exploits are reported in the wild.

An attacker capable of controlling or influencing cross-origin redirect responses can obtain sensitive authorization credentials, such as bearer tokens, due to improper header filtering. This leads to credential leakage and potential unauthorized access to protected resources. The vulnerability does not require user interaction and can be exploited remotely over the network. The CVSS 4.0 score of 8.2 reflects a high impact with network attack vector, low attack complexity, and high confidentiality impact.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Since no official patch or remediation level is provided in the available data, users should monitor the elixir-tesla project for updates addressing this issue. Until a fix is available, avoid using vulnerable versions in environments where untrusted redirects may occur or implement additional controls to prevent unauthorized redirect manipulation.