CVE-2017-0906

The Recurly Client Python Library before 2.0.5, 2.1.16, 2.2.22, 2.3.1, 2.4.5, 2.5.1, 2.6.2 is vulnerable to a Server-Side Request Forgery vulnerability in the "Resource.get" method that could result in compromise of API keys or other critical resources.
Configurations

Configuration 1 (hide)

cpe:2.3:a:recurly:recurly_client_python:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:recurly:recurly_client_python:*:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:recurly:recurly_client_python:*:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:a:recurly:recurly_client_python:2.3.0:*:*:*:*:*:*:*

Configuration 5 (hide)

cpe:2.3:a:recurly:recurly_client_python:*:*:*:*:*:*:*:*

Configuration 6 (hide)

cpe:2.3:a:recurly:recurly_client_python:2.5.0:*:*:*:*:*:*:*

Configuration 7 (hide)

OR cpe:2.3:a:recurly:recurly_client_python:2.6.0:*:*:*:*:*:*:*
cpe:2.3:a:recurly:recurly_client_python:2.6.1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-11-13 17:29

Updated : 2024-02-28 16:04


NVD link : CVE-2017-0906

Mitre link : CVE-2017-0906

CVE.ORG link : CVE-2017-0906


JSON object : View

Products Affected

recurly

  • recurly_client_python
CWE
CWE-918

Server-Side Request Forgery (SSRF)