3 matches found
CVE-2026-50639 Metrics::Any::Adapter::SignalFx versions before 0.04 for Perl does not protect against metric injections
Metrics::Any::Adapter::SignalFx versions before 0.04 for Perl does not protect against metric injections. The statsd protocol and extensions such as dogstatsd allow mutiple metrics, separated by newlines, to be sent per packet. Metrics::Any::Adapter::SignalFx which extends...
CVE-2026-50637
The CVE concerns Metrics::Any::Adapter::Statsd (Perl) prior to v0.04, where the send path did not validate metric names/values, allowing metric injections when names contain newlines and statsd control characters (colon, pipe). This vulnerability affects Metrics::Any::Adapter::Statsd and related ...
PT-2026-48520
Name of the Vulnerable Software and Affected Versions Metrics::Any::Adapter::DogStatsd versions prior to 0.04 Description The software does not protect against metric injections. The statsd protocol and its extensions, such as dogstatsd, allow multiple metrics to be sent per packet when separated...