Approved changes feed: RSS · Atom

cpe:2.3:a:rrwo:net::statsd::lite:*:*:*:*:*:*:*:*

part: a version: * update: statsd

VendorRrwo (b5300a69-c4f4-5cc7-a4bb-65304bf38389)
ProductNet (e807335c-cdc5-5ad1-9280-7caf1a75c483)
Edition*
Languagelite
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2026-8788 vulnerable 2026-06-08 08:08:58.639948 Net::Statsd::Lite versions through 0.10.0 for Perl allowed metric injections
Net::Statsd::Lite versions through 0.10.0 for Perl allowed metric injections. The values from the set_add method were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Note that version 0.9.0 fixed a similar issue CVE-2026-46719 for metric names.
Published: 2026-05-18T06:34:24.030Z
Updated: 2026-06-19T15:34:16.945Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2026-46719 vulnerable 2026-06-08 08:05:12.108567 Net::Statsd::Lite versions before 0.9.0 for Perl allowed metric injections
Net::Statsd::Lite versions before 0.9.0 for Perl allowed metric injections. The metric names were not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics.
Published: 2026-05-16T13:37:22.000Z
Updated: 2026-06-19T15:28:37.676Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.