351 matches found
CVE-2026-11362
DataDog::DogStatsd versions through 0.07 for Perl allow metric injections from event tags. DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from untrusted sources. The formatevent method used by the event method does not validate the content of the tags, whi...
CVE-2026-11362 DataDog::DogStatsd versions through 0.07 for Perl allow metric injections from event tags
DataDog::DogStatsd versions through 0.07 for Perl allow metric injections from event tags. DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from untrusted sources. The formatevent method used by the event method does not validate the content of the tags, whi...
CVE-2026-9270
CVE-2026-9270 affects DataDog::DogStatsd for Perl up to version 0.07. The issue stems from insufficient input sanitization: newlines in metric names, unvalidated delta values, and tags that may contain newlines, pipes, or colons. This allows metric injections from untrusted sources, potentially a...
PT-2026-46969
DataDog::DogStatsd versions through 0.07 for Perl allow metric injections from event tags. DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from untrusted sources. The format event method used by the event method does not validate the content of the tags,...
Malicious code in cdktn-provider-datadog (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29ce930466b101c48ae641d7e4ad57f3d5169b9f14b1e041e4264e75cbfd965b Package name cdktn-provider-datadog is a single-character variant f→n of HashiCorp's widely-used cdktf-provider-datadog CDKTF provider. README and...
MAL-2026-4824 Malicious code in cdktn-provider-datadog (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 29ce930466b101c48ae641d7e4ad57f3d5169b9f14b1e041e4264e75cbfd965b Package name cdktn-provider-datadog is a single-character variant f→n of HashiCorp's widely-used cdktf-provider-datadog CDKTF provider. README and...
GHSA-MF9V-MFXR-J63J vulnerabilities
Vulnerabilities for packages: prefect-fips, litellm, label-studio, authentik-fips, datahub-ingestion-fips, text-generation-inference, ansible-operator-fips, kubeflow-volumes-web-app, keep-fips, metaflow-service, airflow-core, azureml-inference-server-http-fips, tritonserver-backend-vllm-cuda-13.0...
CVE-2026-44431 vulnerabilities
Vulnerabilities for packages: prefect-fips, litellm, label-studio, authentik-fips, datahub-ingestion-fips, text-generation-inference, ansible-operator-fips, kubeflow-volumes-web-app, keep-fips, metaflow-service, airflow-core, azureml-inference-server-http-fips, tritonserver-backend-vllm-cuda-13.0...
GHSA-QCCP-GFCP-XXVC vulnerabilities
Vulnerabilities for packages: prefect-fips, litellm, label-studio, authentik-fips, datahub-ingestion-fips, text-generation-inference, ansible-operator-fips, kubeflow-volumes-web-app, keep-fips, metaflow-service, airflow-core, azureml-inference-server-http-fips, tritonserver-backend-vllm-cuda-13.0...
CVE-2026-44432 vulnerabilities
Vulnerabilities for packages: prefect-fips, litellm, label-studio, authentik-fips, datahub-ingestion-fips, text-generation-inference, ansible-operator-fips, kubeflow-volumes-web-app, keep-fips, metaflow-service, airflow-core, azureml-inference-server-http-fips, tritonserver-backend-vllm-cuda-13.0...
GHSA-R374-RXX8-8654 vulnerabilities
Vulnerabilities for packages: superset, datadog-agent, py3-paramiko, airflow...
CVE-2026-44405 vulnerabilities
Vulnerabilities for packages: superset, datadog-agent, py3-paramiko, airflow...
CVE-2026-44405 vulnerabilities
Vulnerabilities for packages: datadog-agent-fips, keep, datadog-agent, py3-paramiko, keep-fips, nemo, airflow, superset, pgadmin4, duplicity...
GHSA-R374-RXX8-8654 vulnerabilities
Vulnerabilities for packages: datadog-agent-fips, keep, datadog-agent, py3-paramiko, keep-fips, nemo, airflow, superset, pgadmin4, duplicity...
GHSA-VFMQ-68HX-4JFW vulnerabilities
Vulnerabilities for packages: datadog-agent, airflow, kubeflow-pipelines-visualization-server, open-webui...
CVE-2026-41066 vulnerabilities
Vulnerabilities for packages: datadog-agent, airflow, kubeflow-pipelines-visualization-server, open-webui...
CVE-2026-32282 vulnerabilities
Vulnerabilities for packages: flux, istio, kots, runc, kaf, libnvidia-container, karpenter, net-kourier, newrelic-fluent-bit-output, kubernetes, nerdctl, argo-cd, kubescape, aactl, dask-gateway, external-dns, cilium-cli, k3s, prometheus-operator, azurefile-csi, kubernetes-dashboard, coredns,...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: authservice, docker-cli-buildx, yunikorn-k8shim, terraform-docs, eksctl, db-operator, emissary, filebrowser, net-kourier, newrelic-fluent-bit-output, delve, terraform-provider-azapi, cloudnative-pg, apisix-ingress-controller, trillian, cis-operator, kafka-proxy,...
GHSA-6JWV-W5XF-7J27 vulnerabilities
Vulnerabilities for packages: grafana, kine, containerd, mattermost, zot, k3s, loki, datadog-agent, fuse-overlayfs-snapshotter...
CVE-2026-33817 vulnerabilities
Vulnerabilities for packages: grafana, kine, containerd, mattermost, zot, k3s, loki, datadog-agent, fuse-overlayfs-snapshotter...