CVE-2026-45179: CWE-319 Cleartext Transmission of Sensitive Information in RRWO Plack::Middleware::Statsd
Plack::Middleware::Statsd versions before 0.9.0 for Perl may leak user IP addresses. If the communication channel to the statsd daemon is not secured (for example, by sending UDP packets to a host on another network), then users' IP addresses may be leaked. Since version 0.9.0, the IP address is no longer logged to statsd unless configured. When configured, an HMAC signature of the IP address is logged instead.
AI Analysis
Technical Summary
This vulnerability in Plack::Middleware::Statsd (versions before 0.9.0) involves cleartext transmission of sensitive information (user IP addresses) over unsecured communication channels to the statsd daemon. If UDP packets are sent to hosts on other networks without encryption or secure transport, user IP addresses can be exposed. The issue is addressed in version 0.9.0 by disabling IP address logging by default and replacing it with an HMAC signature when logging is enabled.
Potential Impact
User IP addresses may be exposed to unauthorized parties if the statsd communication channel is not secured, potentially compromising user privacy. There is no indication of active exploitation in the wild. The impact is limited to information disclosure of IP addresses via cleartext transmission.
Mitigation Recommendations
Upgrade to Plack::Middleware::Statsd version 0.9.0 or later, where IP address logging is disabled by default and replaced with an HMAC signature if enabled. If upgrading is not immediately possible, ensure that the communication channel to the statsd daemon is secured (e.g., avoid sending UDP packets over untrusted networks). Patch status is not explicitly confirmed; check the vendor advisory for the latest remediation guidance.
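To illustrate the mitigation pattern the 0.9.0 fix describes (IP logging off by default; when enabled, a keyed HMAC of the address is emitted instead of the address), here is an added example of a Plack middleware written for this page. It is not the module's own code: the package name, the `send` callback and the metric name are constructed for the example, and it assumes Plack and Digest::SHA are installed.

```perl
#!/usr/bin/env perl
# Hypothetical middleware (constructed for this example, not Plack::Middleware::Statsd itself):
# never hand the raw client IP to statsd; send a keyed HMAC of it instead.
package Plack::Middleware::IpHmacStatsd;
use strict;
use warnings;
use parent 'Plack::Middleware';
use Plack::Util::Accessor qw(hmac_key log_ip send);   # send: coderef that emits one metric line
use Digest::SHA qw(hmac_sha256_hex);

# Pseudonymise an IP with HMAC-SHA256 under a per-deployment secret key.
# Same key + same IP => same tag, so distinct clients can still be counted,
# but the tag cannot be mapped back to the address without the key.
# An unkeyed hash would not do: the IPv4 space is small enough to enumerate.
sub ip_tag {
    my ($key, $ip) = @_;
    return hmac_sha256_hex($ip, $key);   # Digest::SHA order: data first, key second
}

sub call {
    my ($self, $env) = @_;
    my $res = $self->app->($env);
    # Disabled unless explicitly configured, mirroring the post-0.9.0 default.
    if ($self->log_ip && defined $env->{REMOTE_ADDR}) {
        my $tag = ip_tag($self->hmac_key, $env->{REMOTE_ADDR});
        # statsd "set" metric counts unique values; the HMAC tag serves as well as the IP would,
        # and only the tag ever crosses the (possibly unencrypted UDP) channel to statsd.
        $self->send->("psgi.client.$tag:1|s");
    }
    return $res;
}

package main;
# Constructed demo: capture what would be sent to statsd instead of opening a UDP socket.
my @sent;
my $app = Plack::Middleware::IpHmacStatsd->wrap(
    sub { [200, ['Content-Type' => 'text/plain'], ['ok']] },
    hmac_key => 'per-deployment-secret-rotate-me',   # constructed placeholder key
    log_ip   => 1,
    send     => sub { push @sent, shift },
);
$app->({ REMOTE_ADDR => '203.0.113.7', REQUEST_METHOD => 'GET', PATH_INFO => '/' });
print "$_\n" for @sent;   # one line carrying a 64-hex-char tag; 203.0.113.7 never appears
die "raw IP leaked" if grep { /203\.0\.113\.7/ } @sent;
```

With `log_ip` left unset the middleware sends nothing about the client at all, which is the safe default; a capture of the UDP traffic to statsd is a quick way to confirm that no raw address is present once the upgrade or this pattern is in place.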
Technical Details
- Data Version: 5.2
- Assigner Short Name: CPANSec
- Date Reserved: 2026-05-09T18:57:17.867Z
- CVSS Version: null
- State: PUBLISHED
- Remediation Level: null
Threat ID: 6a00e1bdcbff5d8610bda80a
Added to database: 5/10/2026, 7:51:25 PM
Last enriched: 5/10/2026, 8:06:20 PM
Last updated: 5/10/2026, 9:59:26 PM