Описание
Recurly gem Server-Side Request Forgery in Resource#find method
The Recurly Client Ruby Library before 2.0.13, 2.1.11, 2.2.5, 2.3.10, 2.4.11, 2.5.4, 2.6.3, 2.7.8, 2.8.2, 2.9.2, 2.10.4, 2.11.3 is vulnerable to a Server-Side Request Forgery vulnerability in the Resource#find method that could result in compromise of API keys or other critical resources.
Пакеты
recurly
>= 2.3.0, < 2.3.10
2.3.10
recurly
>= 2.2.0, < 2.2.5
2.2.5
recurly
>= 2.1.0, < 2.1.11
2.1.11
recurly
>= 2.0.0, < 2.0.13
2.0.13
recurly
>= 2.9.0, < 2.9.2
2.9.2
recurly
>= 2.8.0, < 2.8.2
2.8.2
recurly
>= 2.7.0, < 2.7.8
2.7.8
recurly
>= 2.6.0, < 2.6.3
2.6.3
recurly
>= 2.5.0, < 2.5.4
2.5.4
recurly
>= 2.4.0, < 2.4.11
2.4.11
recurly
>= 2.11.0, < 2.11.3
2.11.3
recurly
>= 2.10.0, < 2.10.4
2.10.4
Связанные уязвимости
The Recurly Client Ruby Library before 2.0.13, 2.1.11, 2.2.5, 2.3.10, 2.4.11, 2.5.4, 2.6.3, 2.7.8, 2.8.2, 2.9.2, 2.10.4, 2.11.3 is vulnerable to a Server-Side Request Forgery vulnerability in the "Resource#find" method that could result in compromise of API keys or other critical resources.