370 matches found
CVE-2026-46719
Net::Statsd::Lite versions before 0.9.0 for Perl allowed metric injections. The metric names were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics...
CVE-2026-8788
Net::Statsd::Lite versions through 0.10.0 for Perl allowed metric injections. The values from the setadd method were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Note that version 0.9.0 fixed a similar issue...
Fedora 43 : perl-Net-CIDR-Lite (2026-9e783d6aa1)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9e783d6aa1 advisory. This update addresses some input validation issues: Reject Unicode digits and trailing newlines in parser inputs CVE-2026-45190 Reject zero-padded...
CVE-2026-8788
Net::Statsd::Lite versions through 0.10.0 for Perl allowed metric injections. The values from the setadd method were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Note that version 0.9.0 fixed a similar issue...
CVE-2026-8788 Net::Statsd::Lite versions through 0.10.0 for Perl allowed metric injections
Net::Statsd::Lite versions through 0.10.0 for Perl allowed metric injections. The values from the setadd method were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Note that version 0.9.0 fixed a similar issue...
CVE-2026-8788
CVE-2026-8788 affects Net::Statsd::Lite up to version 0.10.0 on Perl. The issue arises because values passed to the set_add method are not validated for newlines, colons, or pipes, allowing untrusted sources to inject additional metrics. Multiple connected sources confirm the same description acr...
CVE-2026-46720
Net::Statsd::Tiny versions before 0.3.8 for Perl allowed metric injections. The metric names and set values were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics...
CVE-2026-46720 Net::Statsd::Tiny versions before 0.3.8 for Perl allowed metric injections
Net::Statsd::Tiny versions before 0.3.8 for Perl allowed metric injections. The metric names and set values were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics...
EUVD-2026-30706
Net::Statsd::Tiny versions before 0.3.8 for Perl allowed metric injections. The metric names and set values were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics...
CVE-2026-46720
Net::Statsd::Tiny versions before 0.3.8 for Perl allowed metric injections. The metric names and set values were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics...
PT-2026-41581
Name of the Vulnerable Software and Affected Versions Net::Statsd::Tiny versions prior to 0.3.8 Description Net::Statsd::Tiny for Perl allows metric injections because metric names and set values are not validated for newlines, colons, or pipes. This allows metrics generated from untrusted source...
CVE-2026-46719
Net::Statsd::Lite versions before 0.9.0 for Perl allowed metric injections. The metric names were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics...
CVE-2026-46719
Net::Statsd::Lite (Perl) is affected by CVE-2026-46719 for versions prior to 0.9.0, where metric names are not validated for newlines, colons, or pipes. This allows metrics from untrusted sources to inject additional statsd metrics. Public sources in the included documents confirm the impact on m...
PT-2026-41426
Name of the Vulnerable Software and Affected Versions Net::Statsd::Lite versions prior to 0.9.0 Description Net::Statsd::Lite for Perl allows metric injections because metric names are not validated for newlines, colons, or pipes. This enables metrics generated from untrusted sources to inject...
Fedora 44 : perl-Net-CIDR-Lite (2026-6f3d2d0d82)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-6f3d2d0d82 advisory. This update addresses some input validation issues: Reject Unicode digits and trailing newlines in parser inputs CVE-2026-45190 Reject zero-padded...
Command Injection
Overview GitPython is a python library used to interact with Git repositories Affected versions of this package are vulnerable to Command Injection via the setvalue function when the section parameter is not properly validated for newline characters. An attacker can execute arbitrary code by...
CVE-2026-44244
GitPython is a python library used to interact with Git repositories. Prior to version 3.1.49, GitConfigParser.setvalue passes values to Python's configparser without validating for newlines. GitPython's own write converts embedded newlines into indented continuation lines e.g. \n becomes \n\t, b...
PT-2026-37313
Name of the Vulnerable Software and Affected Versions sse-channel versions prior to 4.0.1 Description Implementations that allow user-provided values to be passed to the event, retry, or id fields are susceptible to event spoofing. This allows an attacker to inject arbitrary Server-Sent Events SS...
Important: python3.9
Issue Overview: When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized. CVE-2025-11468 User-controlled...
CLSA-2026-1775223681 python: Fix of CVE-2025-15367
CVE-2025-15367: reject control characters in POP3 commands to prevent command injection via newlines...