CVE-2017-0906 - AskarLabs CVE Database

CVE-2017-0906

Vendor Recurly

Product recurly python module

Weakness CWE-918 · SSRF

Published November 13, 2017

Last update September 17, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

The Recurly Client Python Library before 2.0.5, 2.1.16, 2.2.22, 2.3.1, 2.4.5, 2.5.1, 2.6.2 is vulnerable to a Server-Side Request Forgery vulnerability in the "Resource.get" method that could result in compromise of API keys or other critical resources.

Key dates

02Disclosure timeline

November 13, 2017 CVE published

September 17, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2017-0906 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/918.html

Related vulnerabilities

04Related CVE

CVE-2026-6333 SSRF via Host Header Spoofing in Custom Slash Commands CVE-2024-0649 ZhiHuiYun Search ImageController.php download_network_image server-side request forgery CVE-2020-36884 BrightSign Digital Signage Diagnostic Web Server 8.2.26 Unauthenticated SSRF CVE-2026-2393 Server-Side Request Forgery (SSRF) in mlflow/mlflow CVE-2025-22474