Published: 13/11/2017 Updated: 21/11/2024

The Recurly Client Ruby Library prior to 2.0.13, 2.1.11, 2.2.5, 2.3.10, 2.4.11, 2.5.4, 2.6.3, 2.7.8, 2.8.2, 2.9.2, 2.10.4, 2.11.3 is vulnerable to a Server-Side Request Forgery vulnerability in the "Resource#find" method that could result in compromise of API keys or other critical resources.

Vulnerable Product	Search on Vulmon	Subscribe to Product
recurly recurly client ruby 2.0.0
recurly recurly client ruby 2.0.1
recurly recurly client ruby 2.0.2
recurly recurly client ruby 2.0.3
recurly recurly client ruby 2.0.4
recurly recurly client ruby 2.0.5
recurly recurly client ruby 2.0.6
recurly recurly client ruby 2.0.7
recurly recurly client ruby 2.0.8
recurly recurly client ruby 2.0.9
recurly recurly client ruby 2.0.10
recurly recurly client ruby 2.0.11
recurly recurly client ruby 2.0.12
recurly recurly client ruby 2.1.0
recurly recurly client ruby 2.1.1
recurly recurly client ruby 2.1.2
recurly recurly client ruby 2.1.3
recurly recurly client ruby 2.1.4
recurly recurly client ruby 2.1.5
recurly recurly client ruby 2.1.6
recurly recurly client ruby 2.1.7
recurly recurly client ruby 2.1.8
recurly recurly client ruby 2.1.9
recurly recurly client ruby 2.1.10
recurly recurly client ruby 2.2.0
recurly recurly client ruby 2.2.1
recurly recurly client ruby 2.2.2
recurly recurly client ruby 2.2.3
recurly recurly client ruby 2.2.4
recurly recurly client ruby 2.3.0
recurly recurly client ruby 2.3.1
recurly recurly client ruby 2.3.2
recurly recurly client ruby 2.3.3
recurly recurly client ruby 2.3.4
recurly recurly client ruby 2.3.5
recurly recurly client ruby 2.3.6
recurly recurly client ruby 2.3.7
recurly recurly client ruby 2.3.8
recurly recurly client ruby 2.3.9
recurly recurly client ruby 2.4.0
recurly recurly client ruby 2.4.1
recurly recurly client ruby 2.4.2
recurly recurly client ruby 2.4.3
recurly recurly client ruby 2.4.4
recurly recurly client ruby 2.4.5
recurly recurly client ruby 2.4.6
recurly recurly client ruby 2.4.7
recurly recurly client ruby 2.4.8
recurly recurly client ruby 2.4.9
recurly recurly client ruby 2.4.10
recurly recurly client ruby 2.5.0
recurly recurly client ruby 2.5.1
recurly recurly client ruby 2.5.2
recurly recurly client ruby 2.5.3
recurly recurly client ruby 2.6.0
recurly recurly client ruby 2.6.1
recurly recurly client ruby 2.6.2
recurly recurly client ruby 2.7.0
recurly recurly client ruby 2.7.1
recurly recurly client ruby 2.7.2
recurly recurly client ruby 2.7.3
recurly recurly client ruby 2.7.4
recurly recurly client ruby 2.7.5
recurly recurly client ruby 2.7.6
recurly recurly client ruby 2.7.7
recurly recurly client ruby 2.8.0
recurly recurly client ruby 2.8.1
recurly recurly client ruby 2.9.0
recurly recurly client ruby 2.9.1
recurly recurly client ruby 2.10.0
recurly recurly client ruby 2.10.1
recurly recurly client ruby 2.10.2
recurly recurly client ruby 2.10.3
recurly recurly client ruby 2.11.0
recurly recurly client ruby 2.11.1
recurly recurly client ruby 2.11.2

CWE-918 CWE-918 https://nvd.nist.gov https://www.first.org/epss https://dev.recurly.com/page/ruby-updates https://github.com/recurly/recurly-client-ruby/commit/1bb0284d6e668b8b3d31167790ed6db1f6ccc4be https://hackerone.com/reports/288635 https://dev.recurly.com/page/ruby-updates https://github.com/recurly/recurly-client-ruby/commit/1bb0284d6e668b8b3d31167790ed6db1f6ccc4be https://hackerone.com/reports/288635

CVE-2017-0905

Vulnerability Summary

References

Vulmon Search

About

Products

Connect