Medium severity5.3NVD Advisory· Published May 10, 2026· Updated May 12, 2026
CVE-2026-45179
CVE-2026-45179
Description
Plack::Middleware::Statsd versions before 0.9.0 for Perl may leak user IP addresses.
If the communication channel to the statsd daemon is not secured (for example, by sending UDP packets to a host on another network), then users' IP addresses may be leaked.
Since version 0.9.0, the IP address is no longer logged to statsd unless configured. When configured, an HMAC signature of the IP address is logged instead.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <0.9.0
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.