Fedora 44 perl-Net-Statsd Important Metric Injection CVE-2026-46739
fedora
June 18, 2026
Metric names and values are now validated to ensure they do not contain characters below ASCII 32 (including newlines), colon (":") or pipe ("|") characters that might allow metric...
Summary
This module implements a client for a statsd statistics collection server, such
as the one in use at Etsy.com.
You want to use this module to track statistics in your Perl application, such
as how many times a certain event occurs (user logins in a web application, or
database queries issued), or you want to time and then graph how long certain
events take, like database queries execution time or time to download a certain
file, etc.
Update Information:
Metric names and values are now validated to ensure they do not contain characters below ASCII 32 (including newlines), colon (":") or pipe ("|") characters that might allow metric injection. Offending calls now croak.
Topics Covered
Change Log
* Sun Jun 7 2026 Emmanuel Seyman
References
[ 1 ] Bug #2486960 - CVE-2026-46739 perl-Net-Statsd: perl-Net-Statsd: Metric injection via unchecked metric names and values [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2486960
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-9c71664439' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS 
NEXT Severity
important
Lowest
Low
Medium
High
Critical
Name: perl-Net-Statsd
Product: Fedora 44
Version: 0.13
Release: 1.fc44
Summary: Sends statistics to the stats daemon over UDP
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!