Lucene search
K

26 matches found

EUVD
EUVD
added 2026/06/10 6:32 p.m.12 views

EUVD-2026-36105

Metrics::Any::Adapter::DogStatsd versions before 0.04 for Perl does not protect against metric injections. The statsd protocol and extensions such as dogstatsd allow mutiple metrics,separated by newlines, to be sent per packet. Metrics::Any::Adapter::DogStatsd which extends...

9.1CVSS5.4AI score0.00343EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.16 views

PT-2026-48519

Name of the Vulnerable Software and Affected Versions Metrics::Any::Adapter::Statsd versions prior to 0.04 Description The software does not protect against metric injections. The statsd protocol allows multiple metrics to be sent per packet, separated by newlines. The send method fails to valida...

8.2CVSS5.8AI score0.00323EPSS
Exploits0References11
NVD
NVD
added 2026/06/05 4:16 p.m.12 views

CVE-2026-9270

DataDog::DogStatsd versions through 0.07 for Perl allow metric injections. DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from untrusted sources. The sendstats method does not remove newlines from metric names $stat variable, allowing attackers to change t...

9.1CVSS0.00331EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/05 2:50 p.m.39 views

CVE-2026-11362 DataDog::DogStatsd versions through 0.07 for Perl allow metric injections from event tags

DataDog::DogStatsd versions through 0.07 for Perl allow metric injections from event tags. DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from untrusted sources. The formatevent method used by the event method does not validate the content of the tags, whi...

0.00447EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/05 2:49 p.m.8 views

CVE-2026-9270 DataDog::DogStatsd versions through 0.07 for Perl allow metric injections

DataDog::DogStatsd versions through 0.07 for Perl allow metric injections. DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from untrusted sources. The sendstats method does not remove newlines from metric names $stat variable, allowing attackers to change t...

5.5AI score0.00331EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

DataDog::DogStatsd 安全漏洞

DataDog::DogStatsd is a Perl monitoring client library developed by DataDog Corporation that supports the DogStatsD protocol. Versions of DataDog::DogStatsd prior to 0.07 contained security vulnerabilities. These vulnerabilities stemmed from improper handling of inputs, the sendstats method not...

9.1CVSS5.3AI score0.00331EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-46739

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Net::Statsd versions before 0.13 for Perl allow metric injections. The metric names are not checked for newlines, colons or pipes. Metrics generated from...

5.3CVSS5.5AI score0.00258EPSS
Exploits0References3
NVD
NVD
added 2026/06/04 5:16 p.m.10 views

CVE-2026-46739

Net::Statsd versions before 0.13 for Perl allow metric injections. The metric names are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. The updatestats used for updating counters and gauge methods do not check that values...

5.3CVSS0.00258EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/04 3:45 p.m.9 views

CVE-2026-46739

Net::Statsd versions before 0.13 for Perl allow metric injections. The metric names are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. The updatestats used for updating counters and gauge methods do not check that values...

5.3CVSS5.8AI score0.00258EPSS
Exploits0
EUVD
EUVD
added 2026/06/04 12:30 a.m.15 views

EUVD-2026-34188

Net::Async::Statsd::Client versions through 0.005 for Perl allow metric injections. The metric names are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics...

8.2CVSS5.8AI score0.00344EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

Etsy::StatsD 安全漏洞

Etsy::StatsD is an open-source application performance monitoring and metric collection component developed by statsd. Etsy::StatsD versions 1.002002 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the lack of checks for line breaks, colons, or pipes in metric...

7.5CVSS5.2AI score0.00262EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.7 views

Net::Statsd::Lite 安全漏洞

Net::Statsd::Lite is a lightweight StatsD client developed by Robert Rothenberg, which supports multiple metric data packets. Versions of Net::Statsd::Lite prior to 0.13 contained security vulnerabilities. These vulnerabilities stemmed from the lack of checks for line breaks, colons, or pipes in...

5.3CVSS5.2AI score0.00258EPSS
Exploits0References3
CVE
CVE
added 2026/06/03 11:45 p.m.19 views

CVE-2026-8722

Net::Async::Statsd::Client (Perl) is affected up to version 0.005. The issue arises from unvalidated metric names that may contain newlines, colons, or pipes, allowing metric injections. No exploitation details are provided in the documents, and no remediation version is specified here; upgrading...

6.5CVSS5.8AI score0.00203EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.14 views

PT-2026-46078

Name of the Vulnerable Software and Affected Versions Net::Async::Statsd::Client versions prior to 0.006 Description Net::Async::Statsd::Client for Perl allows metric injections because metric names are not validated for newlines, colons, or pipes. This allows metrics generated from untrusted...

6.5CVSS5.5AI score0.00203EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2026/05/27 2:12 a.m.15 views

CVE-2026-46720

Net::Statsd::Tiny versions before 0.3.8 for Perl allowed metric injections. The metric names and set values were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics...

8.2CVSS5.8AI score0.00344EPSS
Exploits0References1
NVD
NVD
added 2026/05/26 11:16 p.m.13 views

CVE-2026-46740

Mojolicious::Plugin::Statsd versions through 0.04 for Perl allowed metric injections. The metric names and set values were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Version 0.06 changes the module from being a stats...

5.3CVSS0.00326EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/26 10:48 p.m.11 views

EUVD-2026-32021

Mojolicious::Plugin::Statsd versions through 0.04 for Perl allowed metric injections. The metric names and set values were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Version 0.06 changes the module from being a stats...

8.2CVSS5.8AI score0.00344EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/26 10:48 p.m.36 views

CVE-2026-46740 Mojolicious::Plugin::Statsd versions through 0.04 for Perl allowed metric injections

Mojolicious::Plugin::Statsd versions through 0.04 for Perl allowed metric injections. The metric names and set values were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Version 0.06 changes the module from being a stats...

0.00326EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

Mojolicious::Plugin::Statsd 安全漏洞

Mojolicious::Plugin::Statsd is a plugin developed by Robert Rothenberg, designed to send application metrics to Statsd. Versions of Mojolicious::Plugin::Statsd 0.04 and earlier contain security vulnerabilities. These vulnerabilities arise from the lack of checks for line breaks, colons, or pipes ...

5.3CVSS5.8AI score0.00326EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/19 1:56 p.m.11 views

CVE-2026-46719

Net::Statsd::Lite versions before 0.9.0 for Perl allowed metric injections. The metric names were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics...

6.5CVSS5.8AI score0.00306EPSS
Exploits0References1
Rows per page
Query Builder