CVE-2017-0906

Name of the Vulnerable Software and Affected Versions Recurly Client Python Library versions prior to 2.0.5 Recurly Client Python Library versions prior to 2.1.16 Recurly Client Python Library versions prior to 2.2.22 Recurly Client Python Library versions prior to 2.3.1 Recurly Client Python Library versions prior to 2.4.5 Recurly Client Python Library versions prior to 2.5.1 Recurly Client Python Library versions prior to 2.6.2

Description The issue is related to a Server-Side Request Forgery vulnerability in the Resource.get method. This could result in the compromise of API keys or other critical resources.

Recommendations For versions prior to 2.0.5, update to version 2.0.5 or later. For versions prior to 2.1.16, update to version 2.1.16 or later. For versions prior to 2.2.22, update to version 2.2.22 or later. For versions prior to 2.3.1, update to version 2.3.1 or later. For versions prior to 2.4.5, update to version 2.4.5 or later. For versions prior to 2.5.1, update to version 2.5.1 or later. For versions prior to 2.6.2, update to version 2.6.2 or later.