PT-2026-41426 · Cpan · Net::Statsd::Lite

Published

2026-05-16

·

Updated

2026-06-19

·

CVE-2026-46719

CVSS v3.1

6.5

Medium

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions Net::Statsd::Lite versions prior to 0.9.0
Description Net::Statsd::Lite for Perl allows metric injections because metric names are not validated for newlines, colons, or pipes. This enables metrics generated from untrusted sources to inject additional statsd metrics.
Recommendations Update to version 0.9.0 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-46719

Affected Products

Net::Statsd::Lite