12 matches found
CVE-2026-9270
DataDog::DogStatsd versions through 0.07 for Perl allow metric injections. DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from untrusted sources. The sendstats method does not remove newlines from metric names $stat variable, allowing attackers to change t...
CVE-2026-11362
DataDog::DogStatsd versions through 0.07 for Perl allow metric injections from event tags. DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from untrusted sources. The formatevent method used by the event method does not validate the content of the tags, whi...
CVE-2026-11362
DataDog::DogStatsd for Perl versions up to 0.07 is vulnerable to metric injections via event tags. The format_event method does not validate tag content, allowing commas, newlines, pipes and colons in tags and enabling injection of metrics from untrusted sources. The pipe was attempted to be stri...
EUVD-2026-34847
DataDog::DogStatsd versions through 0.07 for Perl allow metric injections from event tags. DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from untrusted sources. The formatevent method used by the event method does not validate the content of the tags, whi...
CVE-2026-11362 DataDog::DogStatsd versions through 0.07 for Perl allow metric injections from event tags
DataDog::DogStatsd versions through 0.07 for Perl allow metric injections from event tags. DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from untrusted sources. The formatevent method used by the event method does not validate the content of the tags, whi...
CVE-2026-11362
DataDog::DogStatsd versions through 0.07 for Perl allow metric injections from event tags. DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from untrusted sources. The formatevent method used by the event method does not validate the content of the tags, whi...
CVE-2026-9270
DataDog::DogStatsd versions through 0.07 for Perl allow metric injections. DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from untrusted sources. The sendstats method does not remove newlines from metric names $stat variable, allowing attackers to change t...
CVE-2026-9270
CVE-2026-9270 affects DataDog::DogStatsd for Perl up to version 0.07. The issue stems from insufficient input sanitization: newlines in metric names, unvalidated delta values, and tags that may contain newlines, pipes, or colons. This allows metric injections from untrusted sources, potentially a...
PT-2026-46969
DataDog::DogStatsd versions through 0.07 for Perl allow metric injections from event tags. DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from untrusted sources. The format event method used by the event method does not validate the content of the tags,...
Malicious code in fluent_plugin-dogstatsd (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-6905 Malicious code in fluent_plugin-dogstatsd-mediba (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in fluent_plugin-dogstatsd-mediba (RubyGems)
--- -= Per source details. Do not edit below this line.=-...