Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Plack::Middleware::Statsd

Source -

CNA

CNA CVEs -

1

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
1Vulnerabilities found
CVE-2026-45179
Assigner-CPAN Security Group
ShareView Details
Assigner-CPAN Security Group
CVSS Score-Not Assigned
EPSS-Not Assigned
Published-10 May, 2026 | 19:10
Updated-10 May, 2026 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Plack::Middleware::Statsd versions before 0.9.0 for Perl may leak user IP addresses

Plack::Middleware::Statsd versions before 0.9.0 for Perl may leak user IP addresses. If the communication channel to the statsd daemon is not secured (for example, by sending UDP packets to a host on another network), then users' IP addresses may be leaked. Since version 0.9.0, the IP address is no longer logged to statsd unless configured. When configured, an HMAC signature of the IP address is logged instead.

Action-Not Available
Vendor-RRWO
Product-Plack::Middleware::Statsd
CWE ID-CWE-319
Cleartext Transmission of Sensitive Information