Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-45179
PUBLISHED
More InfoOfficial Page
Assigner-CPANSec
Assigner Org ID-9b29abf9-4ab0-4765-b253-1875cd9b441e
View Known Exploited Vulnerability (KEV) details
Published At-10 May, 2026 | 19:10
Updated At-10 May, 2026 | 21:17
Rejected At-
▼CVE Numbering Authority (CNA)
Plack::Middleware::Statsd versions before 0.9.0 for Perl may leak user IP addresses

Plack::Middleware::Statsd versions before 0.9.0 for Perl may leak user IP addresses. If the communication channel to the statsd daemon is not secured (for example, by sending UDP packets to a host on another network), then users' IP addresses may be leaked. Since version 0.9.0, the IP address is no longer logged to statsd unless configured. When configured, an HMAC signature of the IP address is logged instead.

Affected Products
Vendor
RRWO
Product
Plack::Middleware::Statsd
Collection URL
https://cpan.org/modules
Package Name
Plack-Middleware-Statsd
Repo
https://github.com/robrwo/Plack-Middleware-Statsd
Default Status
unaffected
Versions
Affected
  • From 0 before 0.9.0 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-319CWE-319 Cleartext Transmission of Sensitive Information
Type: CWE
CWE ID: CWE-319
Description: CWE-319 Cleartext Transmission of Sensitive Information
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Upgrade to version 0.9.0 or later.

Configurations
Workarounds

Use a statsd daemon on the same host or through a secure communications channel.

Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/robrwo/Plack-Middleware-Statsd/security/advisories/GHSA-9gwm-665p-w2xx
vendor-advisory
https://metacpan.org/release/RRWO/Plack-Middleware-Statsd-v0.9.0/changes
release-notes
Hyperlink: https://github.com/robrwo/Plack-Middleware-Statsd/security/advisories/GHSA-9gwm-665p-w2xx
Resource:
vendor-advisory
Hyperlink: https://metacpan.org/release/RRWO/Plack-Middleware-Statsd-v0.9.0/changes
Resource:
release-notes
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.openwall.com/lists/oss-security/2026/05/10/4
N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2026/05/10/4
Resource: N/A
Details not found