CVE-2026-45180

Published
View on NVD ↗
CVSS v3
7.5
HIGH
CVSS v2
N/A
Affected
2
PROJECTS

Description

Catalyst::Plugin::Statsd versions through 0.10.0 for Perl may leak session ids. If the communication channel to the statsd daemon is not secured (for example, by sending UDP packets to a host on another network), then users' session ids may be leaked. This may allow an attacker to use session ids as authentication tokens.

robrwo/CatalystX-Statsd
robrwo/CatalystX-Statsd
Log Catalyst statistics to Statsd
GitHubGitHub
1
robrwo/Plack-Middleware-Statsd
robrwo/Plack-Middleware-Statsd
send statistics to statsd from Plack
GitHubGitHub